/srv/irclogs.ubuntu.com/2010/02/23/#ubuntu-server.txt

MTecknology!info php5 lucid00:09
ubottuphp5 (source: php5): server-side, HTML-embedded scripting language (metapackage). In component main, is optional. Version 5.2.12.dfsg.1-2ubuntu2 (lucid), package size 1 kB, installed size 20 kB00:09
MTecknology!info php500:10
ubottuphp5 (source: php5): server-side, HTML-embedded scripting language (metapackage). In component main, is optional. Version 5.2.10.dfsg.1-2ubuntu6.4 (karmic), package size 1 kB, installed size 20 kB00:10
ceocoderdoes anyone have experience running netxen nc3031 nic on ubuntu 9.10? I'm facing some overheating issues,00:36
twbWhy would the OS flavour make the NIC more likely to overheat?00:39
ceftwb: driver code specific to that kernel doing something the NIC doesn't expect?00:40
twbGranted, but most of that would be a kernel issue, not a distro issue.00:40
cefie: crappy nic problem00:41
ceftwb: true, but how many 'average users' can compile and test that it's a kernel issue?00:41
ceocoderwell not too many including my self,  I saw on some git commits for kernel that overheating was an issue with this card and has been resolved since rev 40, I'm running rev 4300:44
ceocoderin addition to that I'm using 3Par san as my primary storage00:45
ceocoderand every time machine reboots, I see this message Feb 21 14:30:34 machine3 kernel: [  147.854465] ext3_orphan_cleanup: deleting unreferenced inode 676729400:46
ceocoderany insights on how to pinpoint this problem?00:47
twbWell, you could examine the contents of that inode01:09
=== erichammond1 is now known as erichammond
=== erichammond1 is now known as erichammond
maxagazdhcp-server is not started automatically at the boot on two of my servers, but it in /etc/rc2~5.d/S20dhcp-server, and there's nothing in syslog about the problem02:41
maxagazwhat else can I do ?02:42
Roxyhart08hi how i can know if tinydns is running in my server?02:47
pmatulismaxagaz: apply strace on the init script02:52
pmatulisRoxyhart08: check the output of the 'ps' command (ex: 'ps ax')02:52
maxagazpmatulis, it doesn't help...02:54
maxagazpmatulis, it works when I run it manually02:54
pmatulismaxagaz: and your server has a static address right?02:54
Roxyhart08i am not sure why my server is talking another name02:55
maxagazpmatulis, yes02:55
Roxyhart08when i access from ssh or directly it say user@wrongserver instead user@myserver02:55
pmatulisRoxyhart08: maybe you're connecting to the wrong server (?)02:56
Roxyhart08no02:56
twbRoxyhart08: pastebin the output of "hostname; hostname -f; cat /etc/hosts; echo FNORD; getent hosts"02:57
Roxyhart08i access with ssh and directly to this server and same problem,  but i reboot it and now is ok, not sure why it happened02:59
Roxyhart08maybe something with the dns?03:00
twbRoxyhart08: follow orders or it's back in the killfile for you.03:03
pmatulisgeez03:07
twbpmatulis: I think he's probably killfiled me already :-)03:26
uvirtbotNew bug: #526222 in tomcat6 (main) "Problems installing Tomcat" [Undecided,New] https://launchpad.net/bugs/52622205:06
uvirtbotNew bug: #526230 in openldap (main) "jaunty -> karmic upgrade modifies cn=config DB definition, creates syntax error, slapd won't start" [Undecided,New] https://launchpad.net/bugs/52623005:36
Roxyhart0hi has somebody installed samba as PDC on ubuntu?06:13
=== martin__ is now known as martin-
maxagazcan I do something like a traceroute to check if "id foo" really uses the ldap information instead of local information ?07:29
maxagazor cached informations07:30
OmrHow do i remove apache from ubuntu server?07:35
maxagazstrace/07:36
maxagaz?07:36
sherrOmr: apt-get remove apache207:36
Omrthanks07:37
sherrmaxagaz: add a user to LDAP and test?07:37
hyperlinxhow can i download webmin on ubuntu server07:54
twbhyperlinx: first step is to compromise your principles and your integrity07:55
bafflehyperlinx: I don't think Ubuntu ships Webmin in the distribution anymore. Take a look at "ebox".07:56
bafflehyperlinx: It might be what you're looking for.07:56
hyperlinxebox ill chack it out07:56
bafflehyperlinx: http://www.ebox-platform.com/07:56
Omrtwb: i got apt-get working thru a proxy.  It was an authentication problem so i disabled authentication on the proxy.07:59
twbOmr: as I suspected -- apt-get doesn't do most forms of HTTP proxy auth08:01
OmrYeah i had to disable authentication or download a proxy-proxy to do the authentication for apt-get which didn't help without the proxy to install the application with apt get confusing so i just disabled and away it went08:07
twbOmr: I didn't realize you were allowed to do that, otherwise I'd have suggested it08:11
Omrdont worry i wasn't and now irc boots me all the time for having an "Open Proxy Detected"08:17
twbUm, you shouldn't have a proxy listening to the internet side AT ALL08:21
OmrI get what your saying but the proxy allows my outside access from WAN since the proxy listens on the same port as the net currently runs in which is why im trying to set up the ubuntu server08:24
OmrIf linux community designed XT network for telicom NZ i wouldn't have this problem since my cellphone would work and i wouldn't need Wan08:24
OmrMy main PC has no room for xtra network card08:26
Callum__Omr: heh, I'm on XT too, I haven't had THAT much issues with it but I've definitely noticed it =P08:26
Omrwell i use XT for my internet since im rural08:26
Callum__Telecom NZ is a fucking joke, absolutely useless with anything they touch08:26
Omrwell i used to08:26
Omrits constantly intermitent08:27
OmrWell now i have to use dial up08:27
Callum__my dad's business uses TelstraClear cable because we need the upload speed and the reliability08:27
OmrAnd i had to make hi gain antenas to direct 2km directional wan so i can use my laptop08:27
OmrYou live in a populated area08:28
Omrlucky for some08:28
Callum__heh08:28
Callum__here at home though, I'm on Telecom's ADSL2+ (which is theoretically one of the fastest home connections you can get here) network and the speed is all over the place, pay $50/month for 20GB cap and slowed to dial-up when I go over it (which I always do)08:28
Omrby the year 3000 im sure i will be able to get broadband here. It will cost a fortune and go 128kbs lol08:28
Omrit took me 3 weeks to download ubuntu server and another 3 weeks for desktop and i have 7 mnths remaining for debian disk 1,2,3,4,5,608:29
Callum__really?08:30
Omryeah my max connection is 36kbs08:31
Omrthats max on a good day with no electric fences turned on between me and the nearest exchange08:31
Callum__o_O so that connection is 36KB/s (kilobytes per second) or 36Kbps (kilobits per second)?08:31
Omrotherwise i just dc every 5 minutes when my "loss" is unacceptable to KoL08:31
Omr36kbs Kilobits08:32
Omrits a 56k dial up modem08:32
Callum__O_O That's TERRIBLE08:32
Callum__You're getting 4.5KB/s max?08:32
OmrAs i say you live in a populated area.  Thats why i use XT08:32
OmrD/L is 1 - 2 KB/s08:32
Callum__That's almost too slow to open most web pages >.>08:33
OmrSquid does wonders with that08:33
Omrthe first few weeks without squid was hell now squid does the work while i make a coffee08:33
OmrAnd a auto spider starts the apropriate links downloading for fast access08:34
Callum__so, that is your KoL dialup?08:34
Omryup08:34
Callum__I feel sorry for you =/08:34
OmrXT gave me 426kbs08:34
OmrBut i dont even get signal any more08:34
OmrTelicom says they will look into it soon08:35
Callum__426KB/s?08:35
Omrno 426kbs08:35
Callum__oh08:35
Omri said im rural lol08:35
Callum__lol yeah08:35
twb19:26 <Omr> My main PC has no room for xtra network card08:35
twbOmr: you can trunk multiple logical networks over a single physical interface08:35
Callum__that's not too good...52.25KB/s is a huge improvement over dial-up but is still not too fast08:36
twbYou just have to have an OS on each end that can terminate the trunk, i.e. Solaris, IOS or Linux08:36
Omryeah i did try that (Im still in windows on this machine) but it didn't seem to be accepted by most programs08:36
Omrthey all bound to a single ip08:36
Callum__53.25KB/s*08:36
twbOmr: then you did it wrong.08:36
Omri could rebind the proxy to any ip but nothing else functioned08:36
twbOmr: I'm not convinced Windows can do trunking anyway08:36
OmrIts highly possible that i did it wrong08:37
Omrwell i just opened tcp settings08:37
Omrand added multiple ip addresses and gateways08:37
twbtrunking is layer-2, not layer-3.08:37
persia[repost] ttx: soren So, to fix the issue with dnsmasq, I think the first knob is to make the code in dnsmasq/dnsmasq.c not exit if the interface isn't ready, but instead poll for it for a bit (http://paste.ubuntu.com/381715/ is current code).  Once that is complete, libvirt can be switched back to use --interface, and provide an --exclude-interface snipped to dnsmasq.  Does that seem sane?  Also, any pointers on where to find a good polling co08:37
persiade example?08:37
Omri could extrernally ping the extra ip's but couldn't bind to them from within windows08:38
twbOmr: you DEFINITELY did it wrong08:38
Omrok now your over my head i dont know what that means twb08:38
Omri just rung microsoft and asked them08:39
ttxpersia: that seems sane, I have no good example. I pinged Simon (upstream) on the bug to get his opinion08:39
Omrthats what they told me to do.08:39
* persia refreshes08:39
sorenpersia: I'm unsure why --interface is needed when we do --bind-address alrady?08:39
sorenErr...08:40
sorenpersia: I mean --listen-address.08:40
twbOmr: http://en.wikipedia.org/wiki/IEEE_802.1Q <-- this is trunking.  It's a layer-2 (i.e. ethernet) technology; it has no relation to the layer-3 (i.e. TCP/IP) stuff running on top of it.08:40
persiasoren: I may have become distracted then.  I'm just following a chain of bugs, and finally found one that seemed fixable :)08:40
Omrtwb: Thank you i will read it in a couple of minutes08:41
sorenApologies in advance if I seem short-tempered this morning. I just had an extremely annoying telemarketer on the phone, and am still cooling down.08:41
Omrim so going to mirror wikipedia next time i goto a cyber cafe.08:41
twbOmr: you should talk to #Wikipedia about that -- there are ways to do it efficiently.08:42
Omrtwb: yeah you can just download the entire site they offer a link08:43
twbSome guys were looking into it as a way to ship wikipedia to Africa (where the cost of networking is TRULY outrageous) on hard disks.08:43
persiasoren: So, if we stick with --listen-address, how do we construct an exclusion config.  Do we just ask the user on which address we want dnsmasq to listen, and also use --listen-address in the default dnsmasq config?08:43
OmrYup ever since wikipedia put up download links to yearly wikipedia archives08:44
persia(and not bother having libvirt ship anything at all)08:44
sorenpersia: I think --exclude is an odd approach for a dhcp server, really.08:44
ttxpersia: --listen-address will make the libvirt dnsmasq selective, and the snippet we drop in dnsmasq.d will make the system-wide dnsmasq avoid the selected interface ?08:45
sorenpersia: I don't really see the use case for it.08:45
persiaYou mentioned that, and I agreed with you, but I'm not really comfortable rewriting dnsmasq entirely :)08:45
ttxpersia: ah, except you won't know the interface name to exclude08:45
persiattx: That's part of what's tricky, and why I'm intrigued by what I'm interpreting as soren's suggestion: to also use --listen-address for the primary server.08:46
sorenThe tricky part is the fact that dnsmasq is a combined dns and dhcp server. For DNS, it makes perfect sense to listen everywhere. For DHCP... Not so much.08:48
persiaI have some code that automatically enables bind-interface in the default dnsmasq config in rules (lovely rules file: I've never seen anything like it), and I presume we'd be able to drop a "listen-address" line in /etc/dnsmaq.d/ from debconf.08:48
Omris there a program like gnomeppp that will work with ubuntuserver?08:48
persiasoren: See, my use case for dnsmasq is actually 99% the tftp server :)08:48
=== georg is now known as kwork
Omror additionaly (Since i beleive it should work) why does it inform me that i need ubuntu desktop enviroment08:49
sorenpersia: Ah :)08:51
Omrhmm i think twb answered that yesterday "Spaces matter"08:52
sorenpersia: Oh, the rules file. Yes, I remember that one :)08:52
twbOmr: wvdial is a ppp configuration thingy that uses no graphics.08:52
sorenpersia: I think it's the only debhelperless package I've ever seriously worked on.08:52
twbOmr: but you shouldn't REALLY need any wrapper, just ifupdown08:52
persiasoren: I've seen a few before, but those still followed a similar model to debhelper (but were just predebhelper).08:53
sorenah08:53
persiaAnyway, so have I interpreted your suggestion correctly, or are you still working on critique without a way forward yet?08:53
sorenI'm just rambling.08:54
persiaThat's fine.08:54
persiaBut I think you think that libvirt shouldn't have to change and is essentially doing the right thing.08:54
persiaIs this correct?08:54
sorenYes.08:55
persiaOK.  I think that if the race condition is fixed in dnsmasq, libvirt should go back to --interface to support changing the IP, but that's a completely different bug.08:56
Omrtwb: ifupdown? ill have to google that one08:56
persiaSo, discounting any libvirt changes, what is a sensible behaviour for dnsmasq?08:57
sorenpersia: Darned if I know.08:57
persiaas I see it, we have several options, as follows:08:57
persia1) bind to some specific interface(s)08:57
persia2) bind to some specific address(es)08:58
persia3) bind to everything except some specific interface(s)08:58
persia4) bind to everything except some specific address(es)08:58
persiaBased on your assertion that it seems strange for a DHCP server to be promiscuous, I think 1 or 2 makes more sense.08:59
sorenThe trouble is that what constitues "sane defaults" differs across the different services dnsmasq provides.08:59
persia(and if people want a real DNS server, they should be using bind or something)08:59
persiaBut dnsmasq only has a single configuration for all services.08:59
sorenPrecisely.08:59
sorenWell... It does now.08:59
sorenthat /could/ change, but I'm not too hot on the idea of having three different dnsmasq processes running by default.08:59
persiaAs a result, I assert dnsmasq is intended to provide convenient local networks for managing stuff like virtual hosts, embedded devices, etc.08:59
persiaAnd that it's *not* intended to be a service for production networks.09:00
persiasoren: Or six, for the use case we're trying to support :)09:00
sorenpersia: 6? wow :)09:01
sorenI was thinking one per service.09:01
persia3 from libvirt and 3 from dnsmasq09:01
persiaRight, one per service, per caller.09:01
sorenAh.09:01
persiaBut I agree that 6 processes is 1) overly heavy, and 2) takes away the advantage of dnsmasq being small and simple.09:02
sorenQuite.09:02
persiaSo let's ignore that possibility.09:02
persiaWhich leaves us with the inclusive-list vs. exclusive-list and interface vs. address decisions.09:03
persia(for dnsmasq as a standalone server: dnsmasq-in-libvert already took the decision to use inclusive addresses)09:03
persiaSo, this seems to be to be a sane default, but it means that one is required to have a static address defined where one intends to use dnsmasq-standalone.  Does this seem overly onerous?09:05
persiaalso, what's a sane default for this network address?09:05
=== [1]Omr is now known as Omr
uvirtbotNew bug: #514274 in samba (main) "NTLMv2 Authentication Not Enabled By Default" [Wishlist,Confirmed] https://launchpad.net/bugs/51427409:07
hyperlinxlan cabel is adapted but no internet connektion09:11
twbpersia: if you're talking about using exclude vs. include to tell dnsmasq which interfaces to serve DHCP/DNS/TFTP on, I'd say it depends on whether you expect *most* interfaces to be serviced.09:13
twbI've always used interfaces over addresses, simply on the basis that the interface name is less likely to change suddenly.09:14
persiatwb: Well, it depends on the environment.  libvirt (sensibly) does it based on the address because that's not a good assumption in that environment.09:15
persiaBut if we assume that dnsmasq running as a system service is typically in an environment that does have static interfaces, what do we select as a sane default?09:16
persia(and note that with the wide availability of USB interfaces, this may not be entirely safe, depending)09:16
twbudev ought to do its job09:16
twbwrt persistent net interfaces09:16
twbTangential question: when libvirt's using kvm, does it use qemu's built-in DHCP/TFTP instead of dnsmasq?09:17
persiaIt always uses dnsmasq, but in a special way.09:18
twbHeh.  "special"09:18
persiaBut this breaks the default "do everything everywhere" function of dnsmasq, because of a conflict on virbr%d09:18
uvirtbotNew bug: #526308 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/52630809:36
* persia feels stalled on suggestions for sane defaults, and sets aside the dnsmasq/libvirt stuff until someone has some good suggestions09:38
twbSo-rry09:40
twb"It doesn't matter if you're right or wrong, so long as you're definite"?09:41
ttxpersia: apart from the "DHCP server should probably not be promiscuous" objection, what is the drawback of following option (3) above ?09:41
ttx(once --listen-address polls rather than quits early)09:41
persiaWell, it's more work (dnsmasq needs to be able to handle some wildcards or accept runtime hinting).09:41
ttxpersia: let's see what Simon suggests on the bug09:42
persiaOK.09:42
ttxpersia: he happens to be upstream and debian maintainer for dnsmasq09:42
ttxpersia: he usually comes up with helpful suggestions :)09:43
persiattx: I think that the default is good for dnsmasq if not used twice on the same system.09:43
persiaI'm not even sure that the right answer isn't to disable running a separate dnsmasq in libvirt if dnsmasq is already running.09:43
ttxpersia: right, and the "libvirt drops a snippet that changes the main instance behavior" sounds good to me as it doesn't affect general dnsmasq usage09:43
persiattx: And that was the thing to which soren objected : he seemed to feel that libvirt was doing the right thing.09:44
ttxpersia: libvirt is doing the right thing if dnsmasq isn't already running on the same host.09:44
sorenWhat is it that we think libvirt does wrong?09:45
* soren may have missed something.09:45
persiaThat was my thought before soren's objection as well.  I think that the concept that dnsmasq should not be promiscuous informs the objection.09:45
ttxsoren: libvirt's dnsmasq breaks the systemwide dnsmasq, if you happen to install it.09:45
persiasoren: That libvirt ought inform dnsmasq what address not to target when dnsmasq is running as a daemon.09:45
persiaOr interface.  Doesn't really matter.09:46
sorenttx: That doesn't quite answer my question.09:46
sorenI know dnsmasq has a dbus interface. I don't know what it's for, though. Is that something we could use?09:46
ttxsoren: it was quite limited last time I looked into it.09:46
sorenSeems to still be the case.09:47
ttxhttp://bazaar.launchpad.net/~ubuntu-branches/ubuntu/lucid/dnsmasq/lucid/annotate/head%3A/dbus/DBus-interface09:47
ttxyep :)09:47
sorenhttp://www.thekelleys.org.uk/dnsmasq/docs/DBus-interface09:47
sorenNot sure if it's still current, but seems to be designed for something entirely different.09:48
persiaThere are two issue with using a config snippet: 1) passing the right address to ignore, and 2) handling the case where libvirt is installed *after* dnsmasq (maybe dnsmasq should have a trigger for config fragments?).09:48
persiaThe issue with dbus is the opposite: libvirt needs to know to send a message if dnsmasq is installed later.09:48
sorenttx: Again.. That libvirt breaks the systemwide dnsmasq just says that "they're not playing well together". Can you explain what libvirt does that you think is wrong?09:48
persiaNote that this could also be interpreted as "systemwide dnsmasq breaks libvirt" depending on startup races.09:50
ttxsoren: it does nothing wrong. But one of them (or both) need to be adjusted to play nice together.09:50
sorenttx: Right. And I gather you think libvirt is the one that needs changing?09:51
* persia thinks both need adjustment09:51
ttxsoren: it looked like a simpler option, with dnsmasq supporting config fragments... but since persia looked into it, it looks a little more complex than that.09:51
persiaThe only other alternative is to hope the user never configures dnsmasq to target the interface/address libvirt selects.09:52
ttxpersia: that's the current status.09:52
ttxpersia: you can solve it by configuration already.09:52
sorenpersia: We can't protect people from shooting themselves in the foot.09:52
persiattx: No, current status is that dnsmasq ships with a configuration that targets the interface/address libvirt selects.  We aren't relying on admins being careful, we're breaking by default.09:53
ttxand I think that has been soren's position: libvirt is doing nothing wrong, if you want to run dnsmasq you should know how to configure it.09:53
sorenttx: That sums it up pretty well, yes.09:53
persiaAnd following that logic, it makes sense to have dnsmasq ship a config that binds to some user-selected address or interfface with debconf which the user can later change.09:54
sorenI'm not sure what libvirt could do differently. It only binds to the interface it created itself. If the admin specifically wants to use his system wide dnsmasq (or dhcp3-server) to manage that as well, he shouldn't configure libvirt to do dhcp.09:54
ttxsoren: and persia's position is that currently we are leading people to shoot themselves in the foot by default :)09:54
persiaSo using inclusive, rather than exclusive.09:54
persiasoren: No, my position is that I've been shot in the foot by my operating system.09:54
persiaIt a bad default for our environment.09:55
persiaNow, shipping a good default isn't that hard.09:55
sorendhcp3-server doesn't do anything by default. It just sits there, waiting for you to configure it.09:57
persiaBut I'd like a suggestion on whether I should be using 172.16.50.122 as a default binding address or eth0 as a default binding interface.09:57
sorenIt doesn't expect to be able to guess which subnet you want and which interfaces you want served.09:57
sorenWhere did 172.16.50.122 come from?09:57
sorenI forget what bind9 does by default.09:57
persiasoren: Yeah, but there's no way to configure dnsmasq to do nothing by default unless we ship it disabled, which isn't the usual practice with demons.09:58
sorenpersia: Except dhcp servers.09:58
persiasoren: just a public address off the top of my head.09:58
persiaErr, private address (can be used by anyone)09:59
* persia fails at nomenclature09:59
sorenHey, how about this:09:59
* soren checks a few things to make sure this even makes sense10:00
sorenOh, libvirt probably shouldn't be passing --bind-interfaces. That seems wrong.10:00
sorenAnyway, how about we just disable the dhcp server in dnsmasq by default (or let people configure it through debconf)=10:01
soren?10:01
ttxisn'tit already the case ? /me checks10:01
persiasoren: Um, no.  The key reason to use --bind-interfaces is to restrict the server to a set of interfaces, rather than doing everything.10:01
persiaOtherwise --listen-address won't have the effect it does.10:02
persiaSo libvirt should very much be using this.  I think libvirt should *also* be using --interface, but that requires fixing the bug in dnsmasq.10:03
ttxDHCP won't run by default, unless you add dhcp-range=10:03
soren--bind-interfaces makes it bind to /all/ interfaces, doesn't it?10:03
sorenOr am I misreading the docs?10:03
persiasoren: The opposite.  --bind-interfaces makes it bind to specific interfaces, rather than everything.10:03
soren"On  systems  which  support  it,  dnsmasq  binds the wildcard address, even when it is listening on only some interfaces."10:04
soreni don't even know what that means.10:04
sorenHow do you bind to the wildcard address, but only some interfaces?10:04
persialinux supports this, so ignore the first bit.10:04
persiaYou accept any packets with any address to that interface?10:04
persiaFor instance, eth0 might be on 10.100.200.4 but also connected to a local hub is a NAS that has a default interface of 192.168.11.150 and makes tftp requests to load the OS.10:05
ttxsoren: it bind to * but discards packets coming from excluded interfaces10:06
persiaSo if you bind to the wildcard address and eth0, you see that.  If you bind to the address, you don't.10:06
sorenttx: That's what I thought, but that's exactly what it doesn't do.10:06
* ttx rerereads dnsmasq.conf10:06
sorenIf you were bound to *, others wouldn't be able to do so as well.. right?10:06
ttx"It then discards requests that it shouldn't reply to. This has the advantage of working even when interfaces come and go and change address."10:07
sorenRight.10:07
soren..but only one process can be bound to any one address/port/protocol at any given time.10:08
soren..and the last sentence says this is useful if you're running multiple dnsmasq's.10:08
soren..so I'm confused.10:08
ttxah, I see. That sentence describes default behavior, not what happens when bind-interfaces is enabled :)10:09
sorenOh.10:09
persiaIndeed.10:09
ttxread "By default, dnsmasq binds the wildcard address"10:09
sorenOh!10:09
* soren rereads10:09
sorenThat would make much more sense.10:09
persia--bind-interfaces locks it down to specific addresses or interfaces, as specified.10:09
sorenOH!10:09
sorensanity restored.10:09
sorenYay.10:10
sorenOk, I'm all better now.10:10
ttxsoren: I agree that sentence is slightly confusing, especially with the double meaning of "bind-interfaces" :)10:10
sorenRight, where were we?10:10
ttxshould be "bind-to-specific-interfaces-rather-than-wildcard"10:10
sorenYes.10:10
sorenGreat. Ok.10:10
persiaOK, so are we agreed that setting --bind-interfaces by default is sane?10:11
sorenYes!10:11
persiaDone.10:11
* soren wonders why I have this:10:12
sorenudp        0      0 0.0.0.0:67              0.0.0.0:*                           1311/dnsmasq10:12
persiaNext, since we're using --bind-interfaces, we need to select some address or interfaces to which to bind.10:12
persiaI suggest we ought bind to eth0 by default.10:12
sorenDid we conclude that dnsmasq doesn't do dhcp by default?10:13
* soren crosses fingers10:14
* persia reads the config again10:14
ttxyes, no dhcp-range by default10:14
ttx"Uncomment this to enable the integrated DHCP server"10:14
ttx#dhcp-range=192.168.0.50,192.168.0.150,12h10:14
sorenWoo!10:14
sorenOk.10:15
persiaRight, which collides with the default range of a number of consumer routers.10:15
sorenSo, what we want to do, really, is to make sure the out-of-the-box experience isn't broken.10:15
persiaSo, if we bind by default to eth0, we only provide dns and tftp, and if someone wants dchp, they touched the config file.10:15
persiaThat's always the goal.  Part of the "Just Works" ethic.10:15
sorenAssuming people don't fiddle with anything at all, just --except-interfaces virbr0 would actually do.10:16
persiaWell, no, because we can't guarantee that virbr%d will be virbr010:16
sorenI know this is counter to what I've been arguing all along, but I honestly thought it had dhcp enabled by default. The fact that it doesn't, changes things.10:16
sorenpersia: Out of the box, yes we can.10:16
ttxpersia: tftp server is disabled by default, FWIW10:17
ttx"#enable-tftp"10:17
ttxby default it only does DNS10:17
persiaAnd now I understand why it didn't seem to work at all, even aside from crashing on start :)10:17
* persia didn't need or even really want the dns part10:17
ttxby default it doies DNS and reads forwarding server from /etc/resolv.conf10:18
ttxthats' all it does.10:18
persiaSo, libvirt upstream suggests that we configure dnsmasq like http://wiki.libvirt.org/page/Libvirtd_and_dnsmasq if we want to use it with libvirt.10:18
persiaThis matches what we almost decided, but since it doesn't do anything by default, I have a feeling we might decide something else.10:19
persiasoren: So have you returned to the idea that libvirt ought provide a config fragment that adds bind-interfaces and exclude-interface=virbr0 and dnsmasq ought have a trigger that detects config fragments and restarts?10:22
persia(which ttx suggested 3 months ago, and I thought was good before asking people about it)10:22
persiattx: And are you happy with the combination of --bind-interface and --listen-address in libvirt, rather than using --interface directly as you suggest in your bug comment?10:25
kworkdoes ubuntu server 9.04 have sshd on it ?10:25
kworki mean installation media10:25
sherrkwork: openssh-server is on the CD and in repos10:26
kworknot package10:26
kworki mean can i run sshd off livecd10:26
sherrkwork: yes - you can run a complete system, installing whatever on liveCD10:27
kworkhmmmz okey10:27
sherrkwork: LiveCD does not "persist" across reboots without extra setup ofcourse10:27
kworkyes, i just need sshd to access that machine remotely for a while10:28
kworkthanks anyways10:28
sherrno problems10:28
sorenpersia: I wouldn't complain if you just added except-interfaces=virbr0 to dnsmasq's default configuration.10:28
persiasoren: Um, why?  That breaks the case for people who don7t use libvirt.10:29
ttxpersia: I'm ok with it.10:29
acalvosorry to ask again, but want to know your opinion: if anyone had to develop an application which has to be modular and run in a *nix enviorenment, which programming language will you choose?10:30
sorenpersia: why?10:30
persiasoren: Because maybe they want some virtual machine using virbr0 to get pass-through DNS?10:30
persiaIf we put the snipped in libvirt, this always works.  If we put it in the default dnsmasq config, the user has to manually configure dnsmasq if not using libvirt.10:31
sorenpersia: Hey, feel free to add as many bells and whistles as you like. I'm just saying I'd be fine with the simple approach, which I doubt will cause many real surprises.10:34
persiaOK.  Then I'll proceed with the following:10:35
persia1) make sure dnsmasq has a trigger to restart if anyone adds config files10:35
persia2) have libvirt provide a config file with --bind-interfaces and --exclude-interface10:36
persia3) file a new bug on libvirt and dnsmasq about the --interface race condition.10:36
persiaOh, and 0) update the current bug afrer my current meeting to reflect that plan10:36
ttxpersia: sounds good to me.10:37
Roxyhart0hi, there i am migrating ldap-samba to another server and when i do net rpc getsid it is taking some different sambaid not the same that i got from ldap. any idea?10:53
=== nirvanis_ is now known as nirvanis
ivoksttx: i haven't written all the MIRs cause i'm *still* waiting for heartbeat, cluster-agents and pacemaker to be built (uploaded 5-6 days ago)12:14
Cromulenthi folks - I'm having some problems setting up Cyrus by following this guide: https://help.ubuntu.com/community/Cyrus - all is fine except the final two commands in the Mailbox creation section - it won't let me login to cryadm using the password I specified in the previous commands12:22
Cromulentany suggestions?12:22
sorenivoks: Oh, wow.12:26
sorenivoks: heartbeat says "    *   Start in 9 minutes (1855) What's this?12:26
sorenWhoops :)12:26
ivoks:)12:26
soren9 minutes.. Any minute now :)12:27
ivokssoren: Start 2010-02-2412:27
sorenivoks: Which arch?12:27
ivoksia6412:27
sorenpft12:28
sorenWho cares? :)12:28
ivokswell, until all archs are build, packages aren't available12:28
ivoksbuilt12:28
sorenFor MIR, we only really care about release architectures.12:29
sorenafaik12:29
ivokswould it be possible to have both rhcs and pacemaker in main?12:30
sorenIn terms of what?12:31
ivoksor at least just demote cman and rgmanager binaries12:31
ivoksthere are some tools built with support for cman, likve clvm12:31
ivoksif we drop libcman to universe, we'll have to drop cman support for clvm12:31
ivoksand that will blow up some working installations12:32
ivoksE: cluster-glue: binary-or-shlib-defines-rpath ./usr/lib/stonith/plugins/stonith2/ipmilan.so /usr/lib12:32
ivokscr@p12:33
ttxivoks: so all packages are uploaded, MIR are blocked on package build, and the rest of the spec can be pushed back to beta1 ?12:38
ivoksttx: yes12:38
ttxivoks: OK. I suggest we just drop "create cluster task for tasksel"... since it's now past-FF ?12:39
ivoksttx: eh :/12:40
ivoksttx: i'll try with FFE12:40
uvirtbotNew bug: #526416 in drbd8 (main) "package drbd8-source 2:8.3.3-0ubuntu2 failed to install/upgrade: drbd8 kernel module failed to build" [Undecided,New] https://launchpad.net/bugs/52641612:41
ttxivoks: ok, I just updated work items accordingly.12:42
ivoksok, thanks12:42
uvirtbotNew bug: #526418 in samba (main) "Samba-common-bin installed post-installation script fails with error 2" [Undecided,New] https://launchpad.net/bugs/52641812:47
ttxivoks: looks like score 1855 is synonymous to "never" :/12:49
ivokseh?12:49
ttxwell, heartbeat/amd64 was set to occur in 2 minutes, 10 minutes ago... now it says "20 minutes"12:49
ivoksyeah, i had same issue with cluster-glue12:50
ivoksit took 5 days for it to build12:50
ivoksit was on on sunday evening, iirc12:50
ivoksand published yesterday12:50
ttxivoks: you might try to ask for help on ubuntu-devel, if you can convince any of the ones with scorepumping powers to help you12:50
persiacrested is inoperational, which has significantly slowed the amd64 queue for the past few days.12:51
ivoksor... do everything in my ppa and sell it as a addition to ubuntu server :D12:51
persiaIt's more than scorepumping, it's that a job needs killing.12:51
TeTeThas anyone done a live migration with virsh on Ubuntu 9.10? I get an Unknown Failure, http://pastebin.ubuntu.com/382228/12:51
ivokspersia: amd64 is ok12:51
ivokspersia: ia64 is what's killing my packages12:52
ttxivoks: not really. ia64 will not prevent publishing12:52
ivokswell, are you sure?12:52
* persia was referring to "heartbeat/amd64 was set to occur in 2 minutes, 10 minutes ago... now it says "20 minutes"" and is apparently confusing two separate issues.12:52
ivoksi had cluster-glue publishing waiting for sparc and ia6412:52
ivoksiirc12:53
ttxivoks: iIrc I had packages published once i386/amd64 were done12:53
ivoksok, then i'll just wait for heartbeat to finish12:53
ivokson amd6412:53
ivoksand this one:12:54
ivokshttps://edge.launchpad.net/ubuntu/+source/cluster-agents/1:1.0.2-0ubuntu1/+build/151471712:54
ttxthis one will be blocked in NEW12:55
ivoksawesome :/12:55
zulmorning12:56
Kakohi12:56
Kakozul12:57
Kakohi anybody12:57
uvirtbotNew bug: #526430 in postfix (main) "can't completely remove dovecot-postfix" [Undecided,New] https://launchpad.net/bugs/52643013:02
smosergood morning all.13:40
bogeyd6I want to block entire countries from accessing my mail server. spam is heavy today13:51
ivoksantispam is actually quite easy these days13:52
ivoksblocking countries would be pointless13:53
bogeyd6disagreed13:53
bogeyd6i have no interest any email originating from Russia / Pan Pacific13:53
bogeyd6ivoks if 5% of 3million emails make it through in one 24 hour period, how many spam emails is that13:54
screen-xbogeyd6: do you use RBLs?13:54
ivoksrbls and greylisting kill 99,99% of spam13:55
screen-xivoks: yep :)13:55
bogeyd6abuseat, spamcop, spamhaus, wpbl13:55
bogeyd6use a tagging/blocking system. if you popup on two you are blocked, if you only hit on one you are tagged13:56
bogeyd6Server Status13:56
bogeyd6Server Uptime13:56
bogeyd621 hours, 57 minutes13:56
bogeyd6Storage Occupied13:56
bogeyd6Total Storage13:56
bogeyd6341.7 GB13:56
bogeyd6Storage Occupied13:56
bogeyd6146.4 GB13:56
bogeyd6Percent13:56
bogeyd643 %13:56
bogeyd643% - Storage Occupie13:56
bogeyd657% - Storage Fre13:56
bogeyd6Antivirus statistics13:56
bogeyd6Attachments checked13:56
bogeyd68 326 67413:56
bogeyd6Viruses found13:56
bogeyd626213:56
bogeyd6Prohibited filenames/MIME types found13:56
screen-xbogeyd6: I've found b.barracudacentral.org to be pretty good.13:57
persia!pastebin13:57
bogeyd665 08013:57
ubottuFor posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.13:57
bogeyd60% - Viruses foun13:57
bogeyd6100% - Attachments without viruse13:57
bogeyd6Spam filter statistics13:57
bogeyd6sorry, a thousand space apologies13:59
jussi01bogeyd6: your fine, just please try use a pastebin :)13:59
bogeyd6it showed as a copy on one line, i guess i should have checked in a notepad first13:59
bogeyd6screen-x, this is my past 21 hours http://paste.ubuntu.com/382267/14:00
ivokssoren: https://edge.launchpad.net/ubuntu/+source/cluster-agents14:02
ivokssoren: now, all except ia64 are built14:02
ivokssoren: but it won't be published before ia64 is built :/14:02
screen-xbogeyd6: What do you use to allow your users to mark messages as spam?14:03
bogeyd6screen-x, spamassasin14:03
persiaivoks: You could beg an archive-admin, as you "want to get it in for Alpha-3, and don't think ia64 is release quality for Alpha-3 anyway" ...14:04
screen-xbogeyd6: ok, but how do you present that to users?14:04
bogeyd6Spam button14:04
ivokspersia: i'll skip14:04
ivokspersia: it can be done after alpha314:05
bogeyd6go into junk folder hit not spam14:05
bogeyd6but if blocked, there is no option because it never arrives14:05
bogeyd6ivoks, running zimbra14:06
ivoksi have zimbra on one location14:06
ivokshate it's search engine14:06
ivokshate it cause you can't connect it to anything but outlook14:06
ivoksso, i just hate it14:06
bogeyd6agreed*14:07
bogeyd6plus the resource usage!!!14:07
* jgjones like zimbra14:08
bogeyd6omg, zimbra, 20 users, dual 2.4ghz's, 4gb ram, Load Average? 1.42, 1.60, 1.6514:08
jgjoneswe don't use outlook at all anyway - all staff prefer the webmail version anyway.14:08
bogeyd6jgjones, you ever roll out the desktop?14:08
ivoksjgjones: have you tried searching for an email?14:09
jgjonessearch - yup - I find it quite good14:09
jgjonesI tend to use advanced14:09
jgjonessearch by folder, date range, subject, to, from, tags, domain etc - quite a lot of options to use14:10
jgjonesbogeyd6, no - we don't use zimbra desktop14:10
bogeyd6its search is too yahoo like14:10
bogeyd6makes google searchers disoriented14:10
kirklandttx: is today's eucalyptus package happier for you?14:10
ttxkirkland: I'm testing the ISO right now14:12
uvirtbotNew bug: #526461 in eucalyptus (main) "UEC installer no longer proposes CLC+Walrus+CC+SC by default" [Undecided,New] https://launchpad.net/bugs/52646114:12
kirklandttx: i saw your new bug about the clc+++ not being selected14:12
kirklandttx: figured you might be testing it ;-)14:12
ttxyes, istr it was selected before14:12
ttxheh14:12
ttxdoing a manual install remembers me of good ol days14:12
kirklandttx: i think so too14:12
jgjonesbogeyd6, heh well I haven't had any problem so far as long as I use advanced and not treat it as a "Google" search.14:13
kirklandttx: :-)  automation does take a lot of the fun out of it14:13
kirklandttx: you should try it on mathiaz' test rig14:13
jgjonesivoks, can't connect to anything but outlook? um, it does have IMAP, POP3 etc so you could use any email client really14:14
ttxkirkland: it doesn't select node on the node install either. Will update, probably the same bug14:14
ivoksjgjones: but address book isn't usable14:14
ivoksjgjones: you can't share them between users14:14
kirklandttx: hmm, i wonder what changed recently ...  should check with cjwatson14:14
kirklandttx: we haven't touched anything like that on the eucalyptus side in a long time14:15
ttxI did touch eucalyptus-udeb, but nothing around the default choices14:15
ttxmight be a d-i bug14:15
ivoksjgjones: there are also tasks and calendars14:15
ivoksjgjones: those are not usable on any other client, except outlook and web client14:16
markus27_Is the question posted here correct? http://tinyurl.com/yz2cuf7  Does Walrus really store the full files on the cloud controller?  Aren't they distributed throughout the cluster?14:16
ivoksjgjones: all those things almost make exchange best groupware suite for linux clients :D i find that ironic...14:16
ivokstake care14:17
uvirtbotNew bug: #526464 in samba (main) "intermittent authentication: check_ntlm_password:  Authentication for user [someuser] -> [someuser] FAILED with error NT_STATUS_ACCESS_DENIED" [Undecided,New] https://launchpad.net/bugs/52646414:17
jgjonesivoks, yup - which is why we tend to just use web client only - we don't use Outlook at all anyway.14:17
jgjonesSpeed of webmail haven't been an issue.14:18
zulttx: do you want me to seed etckeeper for you?14:25
ttxzul: I was wondering what mathiaz's plan was. Recommend it from puppet or suggest/seed it14:26
zulttx: gotcha14:27
ttxI suppose it's the latter, but let's wait a few minutes more14:27
ttxor less than a few minutes.14:28
ttxmathiaz:14:28
ttx<zul> ttx: do you want me to seed etckeeper for you?14:28
ttx<ttx> zul: I was wondering what mathiaz's plan was. Recommend it from puppet or suggest/seed it14:28
ttx<zul> ttx: gotcha14:28
ttx<ttx> I suppose it's the latter, but let's wait a few minutes more14:28
mathiazhmmm - I was thinking about suggesting it14:29
persiaOnly suggest?  It makes life so much easier.14:30
ttxpersia: from puppet.14:30
mathiazttx: how does etckeeper handle the fact that /etc is already under vcs?14:30
ttxpersia: we should aim for an installer question for lucid+114:30
persiaAh. so suggest/seed rather than just suggest.  Never mind.14:31
ttxmathiaz: it handles it well if you select the same vcs... basicaly it will check for /etc/.bzr existence14:31
ttxmathiaz: but if you use a combination of VCSs...14:31
mathiazttx: there is also the fact that etckeeper pulls in bzr by default on Ubunut14:31
mathiazttx: and some admin may prefer another vcs by default14:32
ttxmathiaz: they can still use another one14:32
mathiazttx: vcs choices can be a touchy subject14:32
mathiazttx: agreed - the question here is about the *default*14:32
ttxmathiaz: etckeeper uninit, edit config, etckeeper init14:32
ttxmathiaz: well, any default will hurt someone14:32
mathiazttx: you install puppet and suddenly you get bzr as well while you're git fan14:32
ttxmathiaz: no14:33
ttxmathiaz: if you already have git installed, it won't install bzr :P14:33
mathiazttx: if puppet recommends etckeeper14:33
mathiazttx: ah ok14:33
ttxDepends: bzr (>= 1.4~) | git-core (>= 1:1.5.4) | mercurial | darcs, debconf (>= 0.5) | debconf-2.014:33
mathiazttx: cool14:33
ttxmathiaz: hmm14:34
ttxmathiaz: it might fail: though, since the config file doesn't autoadapt14:34
ttxi.e. we ship VCS=bzr in all cases14:34
ttx(and Debian ships VCS=git in all cases)14:34
ttxmathiaz: but that would be a bug14:34
ttxjust preventing initialization at install-time14:35
mathiazttx: ok14:35
ttxbut I agree that recommending might be overkill14:35
mathiazttx: we should ask the debian maintainer team what they think about it14:35
mathiazttx: for the time being, I'd seed etckeeper on the server iso (server-ship)14:36
ttxmathiaz: right.14:36
mathiazttx: since we're planning on lucid+1 integration14:36
ttxsul: ^14:36
ttxzul: ^14:36
ttxand gul: ^14:36
mathiazttx: and we'll talk with the debian maintainer about etckeeper support14:37
zulacked14:38
zuldone14:39
ttxzul: thanks14:40
ttxkirkland: hm.. my instance run test still fails with 1.6.2-0ubuntu314:48
ttx"Caught exception reading instance data"14:48
* ttx investigates14:48
kirklandttx: how did you bundle it?14:51
kirklandttx: i found i had to bundle the image by hand (see my notes and pointer to the other bug in cloud-utils)14:51
ttxkirkland: I bundled it using uec-register-tarball, but my image started ok... and is "running"14:52
ttxjust blocks at "Caught exception reading instance data" which is a symptom of the ephemeral0 bug14:52
ttxwill try manually though14:52
ttxkirkland: how did you test exactly ? Upgrade, then run a recent lucid image ?14:54
kirklandttx: yes, i ran yesterday's lucid image14:57
kirklandttx: upgrade, correct14:57
kirklandttx: i did a clean restart, then a reboot14:57
ttxbeh.14:59
* ttx digs deeper14:59
ttxmight be related to uec-register-tarball indeed15:03
ttxkirkland: yep, you were right.15:08
kirklandttx: i filed a bug, though smoser says it may be a dupe15:08
ttxkirkland: commented15:09
ttxLooks like trying to use one of those images breaks eucalyptus15:09
ttxthe original error is some failure to serve ramdisk-id metadata in eucalyptus15:09
ttx(looking at cloud-error.log)15:10
smoserkirkland, ttx i'll address uec-registre-tarball today..15:10
ttxso the way uec-register-tarball registers images makes them fail in UEC.15:10
kirklandsmoser: that would be great15:10
ttxyep, I wanted to rewrite the test instructions so that they look sane :)15:10
smoseryeah.15:12
ttxsmoser: I filed bug 526504 as well15:18
uvirtbotLaunchpad bug 526504 in cloud-utils "uec-publish-tarball should gracefully fail when run before eucarc is sourced" [Undecided,New] https://launchpad.net/bugs/52650415:18
smoserttx, i nominated bug  525989 for lucid. i would like to have it fixed and incorporated today for alpha3 if you think that s possible?15:20
uvirtbotLaunchpad bug 525989 in cloud-utils "uec-publish-tarball yields unrunnable emi" [Medium,Confirmed] https://launchpad.net/bugs/52598915:20
ttxsmoser: yes, that would be good to have15:22
ttxsmoser: if nothing more urgent comes up15:23
smoserok. then please accept nomination for lucid.15:23
ttxlike omgimagefails15:23
ttxor omgboothookconfigfails15:23
smoserttx, kirkland also, the symlink thing (bug 522292) has an easy fix in euca2ools15:24
uvirtbotLaunchpad bug 522292 in euca2ools "euca-bundle-image fails to use symbolic links" [Medium,In progress] https://launchpad.net/bugs/52229215:24
smoserthat i marked as beta-115:24
kirklandsmoser: i see that ... we can problem get that in right now15:24
kirklandsmoser: i'll need to ask slangasek for an exception15:24
ttxkirkland: why ?15:25
smoserit is a bug, right? the "freeze" is not solid, right?15:25
ttxsmoser: I'd tend to agree with you15:26
TeTeTkirkland: tested your SRU and it works fine, but discovered a new bug 52650615:27
uvirtbotLaunchpad bug 526506 in eucalyptus "[karmic]: attaching volume to /dev/sda results in non operational node" [Undecided,New] https://launchpad.net/bugs/52650615:27
ttxsmoser: would you have a boothook test config ?15:27
ttxsmoser: something we could add to http://testcases.qa.ubuntu.com/System/UECCloudImages15:27
kirklandTeTeT: introduced by that SRU?15:28
ttxsmoser: to validate boothooks are doing the proper thing15:28
smoserthere is one in cloudinit examples/15:28
TeTeTkirkland: I doubt it15:28
TeTeTkirkland: it's independent of it, having to do with volumes15:28
smoserttx, sorry, doc15:29
kirklandTeTeT: okay, please file a new bug, but please don't muddy the water in that other sru, if you don't believe its a regression15:29
TeTeTkirkland: no, filed a new bug, bug 52650615:29
uvirtbotLaunchpad bug 526506 in eucalyptus "[karmic]: attaching volume to /dev/sda results in non operational node" [Undecided,New] https://launchpad.net/bugs/52650615:29
kirklandttx: why what?15:29
ttx<kirkland> smoser: i'll need to ask slangasek for an exception15:29
kirklandttx: why fix it?  or why ask for an exception?15:30
ttxkirkland: why ask for an exception ?15:30
kirklandttx: okay, i won't15:31
kirklandttx: it's not disruptive15:31
dasunsrule32I have what is hopefully a quick question about ubuntu networking and dual NIC's. I have a server setup and am using it as a VM server using VMWare server 2.0.2 (no this question has nothing to do with VMWare). I have logged my server onto AD with a hostname: server.domain.local, i can ping the static IP I have set it to on eth0, works great. I added the second nic -> /etc/network/interfaces, for dhcp. When I start the interface,15:32
ttxkirkland: as long as it's in today, i think you can just upload it.15:32
kirklandttx: ack15:32
ttxI expect a few rerolls given the bugs already reported.15:33
kirklandttx: smoser: euca2ools uploaded!15:34
kirklandttx: smoser: i'll propose a merge to upstream with the change too15:35
uvirtbotNew bug: #526506 in eucalyptus (main) "[karmic]: attaching volume to /dev/sda results in non operational node" [Undecided,New] https://launchpad.net/bugs/52650615:37
ttxkirkland: also please comment on https://bugs.launchpad.net/ubuntu/+source/eucalyptus/+bug/455746/comments/215:38
uvirtbotLaunchpad bug 455746 in eucalyptus "postfix should be preseeded appropriately when pulled in by the UEC cluster controller installer target" [Wishlist,Triaged]15:38
kirklandttx: yes, i agree that we should set the postfix value when installing uec15:39
dasunsrule32Anyone?15:40
kirklandttx: are you assigning this to me?15:40
dasunsrule32Or rather my question is wrong, how do I assign a new hostname to the secondary NIC?15:40
ttxkirkland: I'm unsure how easy it is though. Passing preseed values from udeb to deb sounded tricky last time I looked into it15:40
kirklandttx: hmm, i wouldn't have thought it was that complicated15:41
screen-xdasunsrule32: in DNS?15:41
kirklandttx: i would have thought it was just a db_set15:41
ttxkirkland: IIRC one is installed on the installer / and the other in the installed-system chroot15:42
ttxso it's not the same DB15:42
ttxbut cjwatson would know better -- and know how to best do it15:42
cjwatsonpreseed it with owner 'postfix'15:43
cjwatsonit's a little fiddly, point me to a bug and I can do it15:43
cjwatsonoh, that bug15:43
ttxcjwatson: heh15:43
cjwatsongive me the key/value pair(s) you want preseeded15:43
ttxkirkland: could you determine the right postfix-for-CC conf and send it to cjwatson ?15:44
geneticx_wrkHi everyone.15:45
cjwatson(this is partly because I can't remember the precise runes without looking, and recall some slight weirdness, nothing major)15:45
kirklandttx: cjwatson: yes, sure, i will15:45
cjwatsonat worst you end up manually writing something into a logfile15:45
ttxI am unsure which option makes the most sense in that precise use case15:45
mathiazkirkland: if you look at the uec_clc template on tamarind you'll have an example of the preseed options for postfix15:45
mathiazkirkland:  postfix postfix/mailname and postfix postfix/main_mailer_type are what you're looking for15:46
ttxmathiaz: which option did you chose ? Local only ?15:46
mathiazttx: postfix postfix/main_mailer_type        select  Internet Site15:47
mathiazttx: it should probably be something else - the comment you made in the bug makes sense15:47
mathiazttx: the tricky part would actually be postfix postfix/mailname15:48
ttxEtienne suggested "Local only"15:48
mathiazttx: as this would be depend on the system being installed15:48
mathiazttx: I'm not sure why postfix/mailname is set to a high priority15:48
dasunsrule32screen-x: that is where I am not sure15:51
screen-xdasunsrule32: it depends what you're trying to do15:51
dasunsrule32I preferred to keep eth1 with DHCP15:52
dasunsrule32it will be used as the host port for the VM servers taht I will be installeing15:52
dasunsrule32and then those servers will be bridging to a staic IP15:52
SEJeffDoes euchalyptus support virtual guests yet?15:53
dasunsrule32but the problem going DHCP, at least with MSDCHP, is it keeps assigning the same hostname to eth115:53
dasunsrule32even though it is an entirely different MAC15:54
lamontmathiaz: because there's no good default for mailname16:01
dasunsrule32screen-x: I guess the question is, would it be better to assign a static IP to eth1, and not worry about a host name, or would is there a way to have a hostname assigned to eth1 vi /etc/hostname or /etc/network/interfaces?16:02
SEJeffdasunsrule32, But it in your dhcp client config to set the hostname16:03
screen-xdasunsrule32: hostnames are usually per machine, not NIC.16:03
screen-xdasunsrule32: but it may be useful to have multiple name referring to the same machine, eg for virtual hosting16:03
screen-xdasunsrule32: You could you bond the NICs, then use one IP and DNS entry for both16:04
mathiazlamont: how about defaulting to the hostname?16:05
SEJeffdasunsrule32, Your windows dhcp is giving you a hostname different from what you want, right?16:05
SEJeffIf so, just override that in your dhclient config16:06
lamontsee debian policy around /etc/mailname - (meeting)16:06
dasunsrule32SEJeff: Yes, it is assigning server.domain.local to eth0 & eth116:07
SEJeffdasunsrule32, karmic?16:07
dasunsrule32screen-x: how would that work?16:07
dasunsrule32SEJeff: yes16:07
dasunsrule32server edition16:07
SEJeffFirst, read the man page for dhclient.conf. Then edit /etc/dhcp3/dhclient.conf16:07
SEJeffOh a server should not dhcp16:07
screen-xSEJeff: really?16:08
SEJeffdasunsrule32, Put something like this: supersede host-name "dasunrules32.awesome.int";16:08
dasunsrule32The only reason I wanted eth1 as DHCP, simply a bridge16:08
SEJeffscreen-x, Please tell me you're kidding16:08
dasunsrule32lol16:08
SEJeffdasunsrule32, Well this is a super simple problem, again, just edit the dhclient.conf like I showed and it will work16:08
SEJeffI do this to keep from getting the gross hostname our enterprise dhcp servers try to give me on this Karmic desktop at work.16:09
screen-xSEJeff: nope, not kidding, whats the argument against using DHCP on servers?16:09
dasunsrule32let me take a look at that16:09
SEJeffscreen-x, Gee, what happens when your lease expires on your mailserver and your dhcp server is dead?16:10
dasunsrule32screen-x: depends on your application and how well your DNS and DHCP servers work16:10
dasunsrule32;-)16:10
SEJeffYour mail server goes offline. Lets hope you have serial setup when that happens :)16:10
dasunsrule32I use DHCP for ghost servers16:10
dasunsrule32;-)16:10
screen-xSEJeff: long leases, and redundant DHCP.16:10
SEJeffmore working parts == more problems16:11
dasunsrule32lol16:11
screen-xSEJeff: it seems to me to be a good way of assigning IPs centrally.16:11
SEJeffI've setup redundant servers and am a sysadmin by trade. That doesn't make it right16:11
SEJeffThat is called dns16:11
SEJeffUse a deployment system and config management. That is the right way16:11
SEJeffLike cobbler + puppet16:11
SEJeffdasunsrule32, Did that dhclient option answer your original question before we got off subject?16:12
dasunsrule32SEJeff: I am looking at the config file, looks like I can assign an interface an alias16:13
dasunsrule32which should in turn, assign the16:13
dasunsrule32alias as the hostname, I think this is what I need.16:14
SEJeffglad to help16:14
dasunsrule32I am just trying to assign eth1 as "server-vm-bridge"16:14
dasunsrule32Thanks16:14
kirklandsmoser: ttx: hrm, my euca2ools changes were rejected16:17
cjwatsonttx,mathiaz: so is the answer to set postfix/main_mailer_type to 'Internet Site', and that's all?16:17
kirklandsmoser: ttx: seems someone didn't commit their last changes to the bzr branch before uploading16:17
ttxkirkland: arh16:18
ttxthat must be me16:18
kirklandttx: okay ;-)16:18
ttxForgot the branch is not a packaging branch16:18
smoserkirkland, you took the patch right ?16:18
kirklandttx: no prob, just checking16:18
smoseror did you take that branch16:18
smoserbecause the branch had one other improvement16:18
smoserwhich i was planning on opening a beta1 bug for16:18
smoser(the parsing of the .eucarc is disgusting)16:19
kirklandsmoser: looks like 1.2-0ubuntu2  was uploaded about 7 hours ago, fixing LP: #52465216:19
ttxyes, I did that this morning16:19
kirklandsmoser: i did a bzr pull of lp:~ubuntu-core-dev/eucalyptus/euca2ools16:19
ttxkirkland: i'll merge16:19
kirklandsmoser: didn't see any changes, so i fixed the symlink problem16:19
kirklandttx: thanks16:19
kirklandsmoser: when i uploaded, my 1.2-0ubuntu2  collided with the 1.2-0ubuntu2  that ttx had already uploaded16:20
smoserfair.16:20
smoseri had linked a branch to the symlink bug that had other fixes.16:20
smoseri was asking if you merged from that branch to yours. apparently not, which is good.16:20
ttxI worked from the packaging branch16:20
ttxsmoser: that's what your branch was branched from, right16:21
smosermy branhc was from euca upstream16:21
smoserbut it doesn't matter becaues kirkland didn't merge from branch16:21
ttxmerge worked nevertheless :P16:22
smoseroh, for you, ttx, yes, i did.16:22
mathiazttx: http://paste.ubuntu.com/382351/16:25
mathiazttx: ^^ this is the list of postfix configuration available16:26
mathiazttx: I think Internet site seems to be the best option16:26
mathiazttx: Local only wouldn't work - as emails should be send out16:26
mathiazttx: another option would be Satellite system16:26
mathiazttx: by that means guessing the relayhost16:29
mathiazttx: which by default is smtp.domainname16:29
kirklandmathiaz: i tend to agree -- i usually select "internet site"16:33
ttxarh, now the dreaded "different rich-root support"16:34
* ttx starts over16:34
kirklandttx: i can do it, if you're occupied...16:34
ttxkirkland: nah, I must fix my own screwups :)16:35
kirklandttx: what should i milestone the postfix thing against?  a3 or b1?16:35
kirklandttx: don't beat yourself up :-)16:35
ttxI'd just keep it targeted to "lucid", no milestone16:36
mathiazcjwatson: so the answer to set postfix/main_mailer_type should be 'Internet Site'16:36
mathiazcjwatson: the tricky part will be to answer postfix postfix/mailname16:37
ttxkirkland: ok, you should be able to upload/release 1.2-0ubuntu3 from rev262 I just committed16:39
lamontmathiaz: and I'm very sorry about that. :(16:40
kirklandttx: cool, let me pull16:40
cjwatsonmathiaz: or arrange for postfix not to be installed by default, if possible16:42
cjwatsonwhich is the approach we've taken until now16:42
lamontcjwatson: I don't know that the hackery behind postfix install-time installation is still happy, btw - it wants to be post d-i16:43
cjwatsonlamont: "post d-i"?16:44
lamontcjwatson: I'm thinking warty and base install16:44
cjwatsonno16:44
cjwatsonnot happening :)16:44
lamontright16:44
cjwatsonI am NOT resurrecting that code16:44
lamontso not happening16:44
cjwatsonhow in particular is it unhappy right now?16:45
cjwatsonmathiaz: I've committed a eucalyptus fix, but I'm hesitant to mark the bug "fix committed" or to upload yet, until we know what's happening with postfix/mailname16:46
cjwatsonperhaps that is not fixable16:46
cjwatsonmathiaz: but in the meantime, feel free to make further changes based on what I did - the pattern should be clear now16:46
lamontcjwatson: there's at least one variable in the config template that caused me lots and lots of pain and is not preseedable to other than the default, or some such16:46
lamontcjwatson: I'll dig into it after dinner tonight16:48
cjwatsonwell, if you can send me details of why it's behaving differently in d-i versus post-d-i, I can look into that16:48
lamontoh - I totally don't remember what it was, but it had to do with something that gets set up in baseconfig (handwavy) but isn't there when postfix was getting configured then16:49
lamontthat was 5 years ago, dude16:49
=== jono_ is now known as jono
=== jono is now known as Guest66435
mathiazjiboumans: hi - what's the list of blueprints you're considering for the next sub-cycle?17:18
resno1 my nic card is out, and i am getting siocsifflags when I try use ifconfig eth0 up. how do i get it working? or should i replace it?17:31
bogeyd6I am thinking about running Squid Proxy in a UEC. Is this even feasible?17:31
dasunsrule32SEJeff: I tried the DHCP "supercede" and it complains about missing a semi-colon, I tried it in alias{} section and lease{} section, then the wierd stuff. I set eth1 to static, and restart the network services, and now it creates a virtual adapter that doesn't allow the real eth1 to start correctly, any ideas?17:40
hggdhbug 52443417:44
uvirtbotLaunchpad bug 524434 in ubuntu "Lucid Alpha 2 server iso install fails at bootloader in KVM" [Undecided,Confirmed] https://launchpad.net/bugs/52443417:44
oru_workin ubuntu with postfix/dovecot how can i just the older mail.log from lets say february 1117:51
oru_workerrr how can i see*17:53
=== nirvanis_ is now known as nirvanis
uvirtbotNew bug: #526591 in euca2ools (main) "euca2ools parsing of config file is severely limited" [Undecided,New] https://launchpad.net/bugs/52659118:11
smoserkirkland, i just opened bug https://bugs.launchpad.net/ubuntu/+source/euca2ools/+bug/52659118:24
uvirtbotLaunchpad bug 526591 in euca2ools "euca2ools parsing of config file is severely limited" [Low,New]18:24
oru_workdoes anyone know the location of the configuration file that defines log rotation for mail.log postfix/dovecot in ubuntu 8.10 ? I checked /etc/logrotate.d/ and its not there18:25
kirklandsmoser: okay18:26
smoserit has my suggested fix attached.18:26
uvirtbotNew bug: #526587 in dbconfig-common (main) "Sync dbconfig-common 1.8.44 (main) from Debian testing (main)" [Wishlist,New] https://launchpad.net/bugs/52658718:39
dasunsrule32Is there a way to have likewise-open5 listen only on a specific address?18:58
chinnyHey all - I've got a very weird issue with networking on 8.10 server on VMware Esx am hoping someone might be able to give me some pointers.19:03
resnoi am having a nic problem. getting "siocsisfflags error message". i issued dhclient and it gets an ip, however on restart nic is gone from ifconfig.19:13
viezerdwhat would be smoother upgrading from 9.10 -> 10.04 or from 8.04 to 10.0419:25
viezerdneed to install server for now19:26
regiusI have a kerberos question, is the communication between server and client encrypted? Say kerberos + telnet is a single singeon ssh?19:38
regiusevery where I read about kerberos the only thing people is describing is the authentication19:39
msantosfor kerberos telnet, encryption is optional19:43
msantos"-x" flag from the man page19:43
msantosssh supports kerberos (GSS-API), use that if you can19:44
uvirtbotNew bug: #523812 in quagga (main) "Quagga reports crash on Karmic" [Medium,Incomplete] https://launchpad.net/bugs/52381219:46
regiusthank you msantos, I have read my textbok from back to back to understand if kerberos would encrypt the traffic19:47
uvirtbotNew bug: #515048 in samba (main) "nmbd crashed with SIGSEGV in _IO_vfprintf_internal()" [Low,Incomplete] https://launchpad.net/bugs/51504819:47
regiusI'm trying to share a nfs over the internet19:48
regiusanyway thank you msantos19:49
msantosregius, np19:49
zulsmoser: when you get a sec can you look at #52424320:11
bogeyd6where does UEC store the images and other bulk of the data?20:11
uvirtbotNew bug: #525209 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.4 failed to install/upgrade: ?????????? ?????????? ???????? post-installation ????????? ??? ?????? 1" [Low,Incomplete] https://launchpad.net/bugs/52520920:11
smoserbug 52424320:14
uvirtbotLaunchpad bug 524243 in python-boto "Python-boto crashes with Duplicity and Amazon S3" [Undecided,New] https://launchpad.net/bugs/52424320:14
smoserzul, the bug says that works in lucid, fails in karmic20:15
smosererr... works with lucid python20:15
smoserfails with karmic's boto20:15
smosers/lucid python/lucid boto/20:15
smoserkirkland, are you around?20:16
kirklandsmoser: yup20:16
kirklandsmoser: sup20:16
smoserit looks to me like bug 525989 is a eucalyptus mess20:17
uvirtbotLaunchpad bug 525989 in cloud-utils "uec-publish-tarball yields unrunnable emi" [Medium,Confirmed] https://launchpad.net/bugs/52598920:17
smoserso i tried to recreate by20:17
smosera.) setting up a karmic instance per documentation (without uec-publish-tarball)20:17
smoserb.) setting up a lucid instance *with* publish-tarball20:18
smoseri was unable to reproduce20:18
zulsmoser: ah missed that part20:18
smoseri notice one thing funny though20:18
smoserfrom inside the instance, i crawled metadata service with boto get_instance_metadata()20:18
smoserit returns : 'ramdisk-id': 'eri-0577198B'20:18
smoseri think "where in the world did a ramdisk come from!"20:19
smoser$ euca-describe-images | grep eri-0577198B20:19
smoserIMAGE   emi-DFFB1509    i-20100223142513/karmic-server-uec-amd64.img.manifest.xml       admin   available       public          x86_64  machine eri-0577198B   eki-252B1A1220:19
smoserIMAGE   eri-0577198B    r-20100223142513/karmic-server-uec-amd64-initrd-virtual.manifest.xml    admin   available       public          x86_64  ramdisk20:19
smoserkirkland, so, in summary, if you have *any* ramdisk registered, even if not with the selected EMI, eucalyptus will tell your instance that its ramdisk ERI is *that* one.20:20
* marsje is reinstalling someone's Windows laptop... *sigh*20:20
smoserzul, i saw that bug a while ago too, and thought "uh-oh, boto-1.9b issue". but its the reverse.20:21
kirklandsmoser: wtf, that's nuts20:21
smoseryeah, my guess is you tried with uec-publish-tarball, and it failed.20:21
zulsmoser: yeah...ill close it as fixed released then20:21
smoserthen you tried with "regular method" and it succeeded.20:21
smoseror probalby you did a karmic for good measure, ended up getting an eri there and then it would have worked again if you used uec-publish-image20:22
kirklandsmoser: i think we have to assume people will have all sorts of images in their UEC20:24
kirklandsmoser: perhaps some with ERI's, and some without20:24
kirklandsmoser: some published with euca-*, some with uec-*, and some with the image store proxy20:24
smoseroh shoot!20:24
smoseri was thinking it just *showed* youthat20:24
smoserbut i think you're right. it *booted* with that ramdisk20:24
smoserlet me verify that20:24
smoseryep.20:25
smoserits completely reproducible20:25
smoserkirkland, http://paste.ubuntu.com/382500/20:26
kirklandsmoser: blargh20:27
kirklandsmoser: is this on my local cloud?20:27
kirklandsmoser: where are you running this?20:27
smoserdatacenter20:27
BullterdEvening All20:28
smoseryeah. verified it on my private cloud too.20:28
BullterdToday I setup dual gig .ad bonding20:28
Bullterdon my ubuntu based open-iscsi server20:28
smosereucalyptus just says "oh, you dont have a ramdisk ? let me get you one"20:28
Bullterdand also on my ESXi box20:28
Bullterdhowever, my hdparm testing before vs after is the same speeds :(20:28
Bullterdwould anyone have any ideas?20:28
smoserand if there is no ramdisks registered, it will boot without one, but then boto's crawling of the metadata service will fail.20:29
kirklandsmoser: quick chat via phone?20:29
smosersure. let me post a comment in the bug.20:30
kirklandsmoser: okay, call my cell when you're done20:30
Bullterdplease tell me your not honestly gonna support some guy via cell from IRC :p20:31
BullterdIf you are then fair play, heh20:31
bogeyd6Bullterd, the suggestions would be your storage didnt change so the storage speeds didnt change20:32
Bullterdhmmph.20:32
Bullterdthat would be a good point20:32
uvirtbotNew bug: #525205 in php5 (main) "proc_open() with pty descriptor type fails with errno 14 on amd64" [Medium,Triaged] https://launchpad.net/bugs/52520520:32
uvirtbotNew bug: #525233 in krb5 (main) "package libk5crypto3 1.7dfsg~beta3-1ubuntu0.4 failed to install/upgrade: package libk5crypto3 is already installed and configured" [Low,Incomplete] https://launchpad.net/bugs/52523320:32
Bullterdok WTF20:35
Bullterdsudo hdparm -tT /dev/sda on my iscsi server gives 13.99MB/sec20:35
Bullterdand on my iscsi based virtual machine I get 262 0.o20:36
bogeyd6262MB/sec?20:37
Bullterdyeah20:37
zroyschis it possible to restart dd after it runs out of diskspace on the destination20:37
bogeyd6zroysch, only in ddrescue20:38
zroyschdamn.20:39
zroyschsucks bad20:39
zroyschi have 1.09gb to get onto like 920gb20:39
zroyschis there any way to compress on the fly20:39
bogeyd6:(20:39
bogeyd6pipe it to tar20:39
bogeyd6or20:41
bogeyd6gzip20:41
bogeyd6ala dd if=/dev/hda | gzip > /mnt/hdb1/system_drive_backup.img.gz20:41
uvirtbotNew bug: #526659 in samba (main) "nmbd fails to start at boot time" [Undecided,New] https://launchpad.net/bugs/52665920:42
zroyschwhat is the compression of gzip?20:47
zroyschor i guess that depends20:47
zroyschdont want to sit through another days worth of backing up to see it not fit again20:48
Bullterd1.09gb onto 920gb seems doable :p20:48
zroyschoh great20:48
zroyschmd2 failing again20:48
uvirtbotNew bug: #526672 in samba (main) "apport hook should provide a Not Applicable choice for all the questions" [Undecided,New] https://launchpad.net/bugs/52667220:51
zroyschhttp://pastebin.ca/180729920:54
zroyschsafe to say the drives are hosed at this point?20:54
Bullterdzroysch: lots of words in that pastebin that make me think yes20:59
Bullterdrun diag with UBC20:59
zroyschman. raid is annoying21:00
zroyschis it true that i should be buying the more expensive drives "designed" for raid21:00
BullterdNah21:00
BullterdRAID = Redundant array of inexpensive disks21:00
Bullterdin the name, lol21:00
zroyschi know what it stands for.21:00
zroyschi dont know what run diag with UBC means21:01
Bullterdultimate boot CD21:01
Bullterdhas some good hdd scanning tools21:01
mathiazkirkland: bug 52245221:07
uvirtbotLaunchpad bug 522452 in update-manager "update-motd delays login" [Medium,Triaged] https://launchpad.net/bugs/52245221:07
mathiazkirkland: this is why I get a delay when ssh into some machines21:07
kirklandmathiaz: ah, yes, let me take a look21:07
mathiazkirkland: IMO none of the script run in update-motd should attempt any network connection21:09
mathiazkirkland: with a firewall that DROP packet it just delays everything21:10
kirklandmathiaz: hmm, i agree that login should be fast/immediate21:11
kirklandmathiaz: previously, these just ran in a cronjob21:12
kirklandmathiaz: i think the network-using scripts should test network connectivity before running it's meat21:12
mathiazkirkland: hm - I'd suggest to decouple the part that requires network and the part that formats the output to be plugged into the motd21:13
mathiazkirkland: run the network part as a cron job/background task21:13
mathiazkirkland: parse its output during login time21:14
mathiazkirkland: IIUC this is what 90-updates-available does21:14
mathiazkirkland: it doesn't run apt-get update21:14
wizardslovakhello people21:14
wizardslovakwhat would be best partitioning for web server on 80 gb hard drive?21:15
kirklandmathiaz: okay, then your gripe is with dpkg -S /etc/update-motd.d/91-release-upgrade21:15
mathiazkirkland: although 90-updates-available is a bit complicated21:15
kirklandmathiaz: not update-motd21:15
kirklandmathiaz: b/c all update-motd (which is in pam_motd) does now is just run the scripts in that dir21:15
mathiazkirkland: right - that's with update-manager21:15
mathiazkirkland: bug 522452 is filed against update-manager21:16
uvirtbotLaunchpad bug 522452 in update-manager "update-motd delays login" [Medium,Triaged] https://launchpad.net/bugs/52245221:16
kirklandmathiaz: i'm not sure what to say ...21:22
kirklandmathiaz: the network-needing scripts could go back to being cronjobs21:23
kirklandmathiaz: or they could just fork off to the background, writing to a cache file21:23
mathiazkirkland: right - I don't have definitive answer either21:23
kirklandmathiaz: and honestly, i like the current behavior on my systems21:24
kirklandmathiaz: i know that the updates/upgrade information is current as of login21:24
kirklandmathiaz: and for whatever reason, it only takes a split second on my server21:24
mathiazkirkland: right - the use case of having long delays is a valid one21:25
mathiazkirkland: and one I've run into in the DC21:25
mathiazkirkland: we should find a proper balance between freshness of information and fast ssh login21:25
=== tsimpson is now known as Guest5579
uvirtbotNew bug: #526697 in euca2ools "euca-describe-images has incorrect order of ramdisk and kernel" [High,Confirmed] https://launchpad.net/bugs/52669721:52
zroyschis my data recoverable at this point http://pastebin.ca/180729921:53
smoserkirkland, euca2ools new bug (simple fix) https://bugs.launchpad.net/eucalyptus/+bug/52669721:59
uvirtbotLaunchpad bug 526697 in euca2ools "euca-describe-images has incorrect order of ramdisk and kernel" [High,Confirmed]21:59
thafreakHow can I get lucid installed on a KVM virtual machine?22:04
thafreakIf I try to install via ISO, it keeps failing at grub...22:04
thafreakIs there an easier way?22:04
thafreakI'm using the amd64 alpha2 cd...22:07
thafreakalso, when I press F4 and select "install minimal virtual machine" nothing changes, is that what's supposed to happen?22:08
sorenAm I supposed to close the server-papercut bug task when I fix something or do I leave it open until the meeting so that everyone can join in and rejoice?22:14
sherrthafreak: try a daily ISO or wait for alpha 3. I think there might be open bugs with Lucid + KVM.22:28
thafreaksherr: thanks, zsyncing a daily iso now...22:39
dasunsrule32When I try to run apt-get update with two NIC's enabled, it just hangs and will not update, I have to disable eth1 to update, any ideas?23:23
persiadasunsrule32: Sounds like a routing issue to me.  Are other sorts of http requests affected?23:28
dasunsrule32Well, I do not believe so23:29
dasunsrule32it is the server edition23:29
persiae.g. if you run `apt-get --dry-run --print-uris update` ande try to wget that stuff, does it also hang?23:30
dasunsrule32I can ssh in fine with both nic's enabled23:30
dasunsrule32one sec23:30
dasunsrule32Ya, I can't ping anything either23:31
persiaYeah.  Your server has a routing issue.23:32
persiaIt's able to return incoming connections, but doesn't know how to route the outgoing connections.23:32
dasunsrule32I have been moving services from eth1 to eth023:32
dasunsrule32Seems to be23:32
persiaSo sort that, and apt-get will work fine :)23:32
dasunsrule32both NIC's are internal23:32
dasunsrule32to the network23:32
persiaAre they bonded, or different addresses?23:32
dasunsrule32different IP's23:33
dasunsrule32.2 .323:33
dasunsrule32it is a VM server I am building23:33
dasunsrule32.2 will be the web console for vmware23:33
dasunsrule32and .3 will be the bridge23:33
persiaI have a suspicion that you have competing default routes or something.23:33
persiaOr maybe no default route.23:33
persia`netstat -rn` and `ifconfig -a` are places to start, but it's been long enough since I debugged this sort of thing that I'm not the right person to help you farther than that.23:34
dasunsrule32I did a route -n23:34
dasunsrule32http://pastebin.com/djXe2QDH23:36
dasunsrule32here is my /etc/network/interfaces23:38
dasunsrule32http://pastebin.com/HEsrFgdP23:38
persiaYou do have two default gateways.  I think you want just one, and to set up some failover with high-availability scripts.23:48
persiaBut like I said, I haven't played with this in years.23:48
persiaAs a short-term fix, just drop the "gateway" line from one of your interfaces in /etc/network/interfaces23:49
persiaAnd go investigate HA solutions to determine best practices.23:49
persiaPersonally, I suspect a bonded interface with two virtual interfaces exposed by the bonding, each with a separate IP is likely to be cleaner (separation of address from interface reduces chance of failure)23:50
persiaBut it's been years, so current best practices may have changed.23:50
dasunsrule32persia, I think you are correct23:54
dasunsrule32I have been working too hard today23:54
dasunsrule32:p23:54
dasunsrule32thank you persia, I will check into bonding23:55
dasunsrule32it is working as needed now23:55
dasunsrule32I can't believe i didn't see that23:56

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!