[00:09] !info php5 lucid [00:09] php5 (source: php5): server-side, HTML-embedded scripting language (metapackage). In component main, is optional. Version 5.2.12.dfsg.1-2ubuntu2 (lucid), package size 1 kB, installed size 20 kB [00:10] !info php5 [00:10] php5 (source: php5): server-side, HTML-embedded scripting language (metapackage). In component main, is optional. Version 5.2.10.dfsg.1-2ubuntu6.4 (karmic), package size 1 kB, installed size 20 kB [00:36] does anyone have experience running netxen nc3031 nic on ubuntu 9.10? I'm facing some overheating issues, [00:39] Why would the OS flavour make the NIC more likely to overheat? [00:40] twb: driver code specific to that kernel doing something the NIC doesn't expect? [00:40] Granted, but most of that would be a kernel issue, not a distro issue. [00:41] ie: crappy nic problem [00:41] twb: true, but how many 'average users' can compile and test that it's a kernel issue? [00:44] well not too many including my self, I saw on some git commits for kernel that overheating was an issue with this card and has been resolved since rev 40, I'm running rev 43 [00:45] in addition to that I'm using 3Par san as my primary storage [00:46] and every time machine reboots, I see this message Feb 21 14:30:34 machine3 kernel: [ 147.854465] ext3_orphan_cleanup: deleting unreferenced inode 6767294 [00:47] any insights on how to pinpoint this problem? [01:09] Well, you could examine the contents of that inode === erichammond1 is now known as erichammond === erichammond1 is now known as erichammond [02:41] dhcp-server is not started automatically at the boot on two of my servers, but it in /etc/rc2~5.d/S20dhcp-server, and there's nothing in syslog about the problem [02:42] what else can I do ? [02:47] hi how i can know if tinydns is running in my server? [02:52] maxagaz: apply strace on the init script [02:52] Roxyhart08: check the output of the 'ps' command (ex: 'ps ax') [02:54] pmatulis, it doesn't help... [02:54] pmatulis, it works when I run it manually [02:54] maxagaz: and your server has a static address right? [02:55] i am not sure why my server is talking another name [02:55] pmatulis, yes [02:55] when i access from ssh or directly it say user@wrongserver instead user@myserver [02:56] Roxyhart08: maybe you're connecting to the wrong server (?) [02:56] no [02:57] Roxyhart08: pastebin the output of "hostname; hostname -f; cat /etc/hosts; echo FNORD; getent hosts" [02:59] i access with ssh and directly to this server and same problem, but i reboot it and now is ok, not sure why it happened [03:00] maybe something with the dns? [03:03] Roxyhart08: follow orders or it's back in the killfile for you. [03:07] geez [03:26] pmatulis: I think he's probably killfiled me already :-) [05:06] New bug: #526222 in tomcat6 (main) "Problems installing Tomcat" [Undecided,New] https://launchpad.net/bugs/526222 [05:36] New bug: #526230 in openldap (main) "jaunty -> karmic upgrade modifies cn=config DB definition, creates syntax error, slapd won't start" [Undecided,New] https://launchpad.net/bugs/526230 [06:13] hi has somebody installed samba as PDC on ubuntu? === martin__ is now known as martin- [07:29] can I do something like a traceroute to check if "id foo" really uses the ldap information instead of local information ? [07:30] or cached informations [07:35] How do i remove apache from ubuntu server? [07:36] strace/ [07:36] ? [07:36] Omr: apt-get remove apache2 [07:37] thanks [07:37] maxagaz: add a user to LDAP and test? [07:54] how can i download webmin on ubuntu server [07:55] hyperlinx: first step is to compromise your principles and your integrity [07:56] hyperlinx: I don't think Ubuntu ships Webmin in the distribution anymore. Take a look at "ebox". [07:56] hyperlinx: It might be what you're looking for. [07:56] ebox ill chack it out [07:56] hyperlinx: http://www.ebox-platform.com/ [07:59] twb: i got apt-get working thru a proxy. It was an authentication problem so i disabled authentication on the proxy. [08:01] Omr: as I suspected -- apt-get doesn't do most forms of HTTP proxy auth [08:07] Yeah i had to disable authentication or download a proxy-proxy to do the authentication for apt-get which didn't help without the proxy to install the application with apt get confusing so i just disabled and away it went [08:11] Omr: I didn't realize you were allowed to do that, otherwise I'd have suggested it [08:17] dont worry i wasn't and now irc boots me all the time for having an "Open Proxy Detected" [08:21] Um, you shouldn't have a proxy listening to the internet side AT ALL [08:24] I get what your saying but the proxy allows my outside access from WAN since the proxy listens on the same port as the net currently runs in which is why im trying to set up the ubuntu server [08:24] If linux community designed XT network for telicom NZ i wouldn't have this problem since my cellphone would work and i wouldn't need Wan [08:26] My main PC has no room for xtra network card [08:26] Omr: heh, I'm on XT too, I haven't had THAT much issues with it but I've definitely noticed it =P [08:26] well i use XT for my internet since im rural [08:26] Telecom NZ is a fucking joke, absolutely useless with anything they touch [08:26] well i used to [08:27] its constantly intermitent [08:27] Well now i have to use dial up [08:27] my dad's business uses TelstraClear cable because we need the upload speed and the reliability [08:27] And i had to make hi gain antenas to direct 2km directional wan so i can use my laptop [08:28] You live in a populated area [08:28] lucky for some [08:28] heh [08:28] here at home though, I'm on Telecom's ADSL2+ (which is theoretically one of the fastest home connections you can get here) network and the speed is all over the place, pay $50/month for 20GB cap and slowed to dial-up when I go over it (which I always do) [08:28] by the year 3000 im sure i will be able to get broadband here. It will cost a fortune and go 128kbs lol [08:29] it took me 3 weeks to download ubuntu server and another 3 weeks for desktop and i have 7 mnths remaining for debian disk 1,2,3,4,5,6 [08:30] really? [08:31] yeah my max connection is 36kbs [08:31] thats max on a good day with no electric fences turned on between me and the nearest exchange [08:31] o_O so that connection is 36KB/s (kilobytes per second) or 36Kbps (kilobits per second)? [08:31] otherwise i just dc every 5 minutes when my "loss" is unacceptable to KoL [08:32] 36kbs Kilobits [08:32] its a 56k dial up modem [08:32] O_O That's TERRIBLE [08:32] You're getting 4.5KB/s max? [08:32] As i say you live in a populated area. Thats why i use XT [08:32] D/L is 1 - 2 KB/s [08:33] That's almost too slow to open most web pages >.> [08:33] Squid does wonders with that [08:33] the first few weeks without squid was hell now squid does the work while i make a coffee [08:34] And a auto spider starts the apropriate links downloading for fast access [08:34] so, that is your KoL dialup? [08:34] yup [08:34] I feel sorry for you =/ [08:34] XT gave me 426kbs [08:34] But i dont even get signal any more [08:35] Telicom says they will look into it soon [08:35] 426KB/s? [08:35] no 426kbs [08:35] oh [08:35] i said im rural lol [08:35] lol yeah [08:35] 19:26 My main PC has no room for xtra network card [08:35] Omr: you can trunk multiple logical networks over a single physical interface [08:36] that's not too good...52.25KB/s is a huge improvement over dial-up but is still not too fast [08:36] You just have to have an OS on each end that can terminate the trunk, i.e. Solaris, IOS or Linux [08:36] yeah i did try that (Im still in windows on this machine) but it didn't seem to be accepted by most programs [08:36] they all bound to a single ip [08:36] 53.25KB/s* [08:36] Omr: then you did it wrong. [08:36] i could rebind the proxy to any ip but nothing else functioned [08:36] Omr: I'm not convinced Windows can do trunking anyway [08:37] Its highly possible that i did it wrong [08:37] well i just opened tcp settings [08:37] and added multiple ip addresses and gateways [08:37] trunking is layer-2, not layer-3. [08:37] [repost] ttx: soren So, to fix the issue with dnsmasq, I think the first knob is to make the code in dnsmasq/dnsmasq.c not exit if the interface isn't ready, but instead poll for it for a bit (http://paste.ubuntu.com/381715/ is current code). Once that is complete, libvirt can be switched back to use --interface, and provide an --exclude-interface snipped to dnsmasq. Does that seem sane? Also, any pointers on where to find a good polling co [08:37] de example? [08:38] i could extrernally ping the extra ip's but couldn't bind to them from within windows [08:38] Omr: you DEFINITELY did it wrong [08:38] ok now your over my head i dont know what that means twb [08:39] i just rung microsoft and asked them [08:39] persia: that seems sane, I have no good example. I pinged Simon (upstream) on the bug to get his opinion [08:39] thats what they told me to do. [08:39] * persia refreshes [08:39] persia: I'm unsure why --interface is needed when we do --bind-address alrady? [08:40] Err... [08:40] persia: I mean --listen-address. [08:40] Omr: http://en.wikipedia.org/wiki/IEEE_802.1Q <-- this is trunking. It's a layer-2 (i.e. ethernet) technology; it has no relation to the layer-3 (i.e. TCP/IP) stuff running on top of it. [08:40] soren: I may have become distracted then. I'm just following a chain of bugs, and finally found one that seemed fixable :) [08:41] twb: Thank you i will read it in a couple of minutes [08:41] Apologies in advance if I seem short-tempered this morning. I just had an extremely annoying telemarketer on the phone, and am still cooling down. [08:41] im so going to mirror wikipedia next time i goto a cyber cafe. [08:42] Omr: you should talk to #Wikipedia about that -- there are ways to do it efficiently. [08:43] twb: yeah you can just download the entire site they offer a link [08:43] Some guys were looking into it as a way to ship wikipedia to Africa (where the cost of networking is TRULY outrageous) on hard disks. [08:43] soren: So, if we stick with --listen-address, how do we construct an exclusion config. Do we just ask the user on which address we want dnsmasq to listen, and also use --listen-address in the default dnsmasq config? [08:44] Yup ever since wikipedia put up download links to yearly wikipedia archives [08:44] (and not bother having libvirt ship anything at all) [08:44] persia: I think --exclude is an odd approach for a dhcp server, really. [08:45] persia: --listen-address will make the libvirt dnsmasq selective, and the snippet we drop in dnsmasq.d will make the system-wide dnsmasq avoid the selected interface ? [08:45] persia: I don't really see the use case for it. [08:45] You mentioned that, and I agreed with you, but I'm not really comfortable rewriting dnsmasq entirely :) [08:45] persia: ah, except you won't know the interface name to exclude [08:46] ttx: That's part of what's tricky, and why I'm intrigued by what I'm interpreting as soren's suggestion: to also use --listen-address for the primary server. [08:48] The tricky part is the fact that dnsmasq is a combined dns and dhcp server. For DNS, it makes perfect sense to listen everywhere. For DHCP... Not so much. [08:48] I have some code that automatically enables bind-interface in the default dnsmasq config in rules (lovely rules file: I've never seen anything like it), and I presume we'd be able to drop a "listen-address" line in /etc/dnsmaq.d/ from debconf. [08:48] is there a program like gnomeppp that will work with ubuntuserver? [08:48] soren: See, my use case for dnsmasq is actually 99% the tftp server :) === georg is now known as kwork [08:49] or additionaly (Since i beleive it should work) why does it inform me that i need ubuntu desktop enviroment [08:51] persia: Ah :) [08:52] hmm i think twb answered that yesterday "Spaces matter" [08:52] persia: Oh, the rules file. Yes, I remember that one :) [08:52] Omr: wvdial is a ppp configuration thingy that uses no graphics. [08:52] persia: I think it's the only debhelperless package I've ever seriously worked on. [08:52] Omr: but you shouldn't REALLY need any wrapper, just ifupdown [08:53] soren: I've seen a few before, but those still followed a similar model to debhelper (but were just predebhelper). [08:53] ah [08:53] Anyway, so have I interpreted your suggestion correctly, or are you still working on critique without a way forward yet? [08:54] I'm just rambling. [08:54] That's fine. [08:54] But I think you think that libvirt shouldn't have to change and is essentially doing the right thing. [08:54] Is this correct? [08:55] Yes. [08:56] OK. I think that if the race condition is fixed in dnsmasq, libvirt should go back to --interface to support changing the IP, but that's a completely different bug. [08:56] twb: ifupdown? ill have to google that one [08:57] So, discounting any libvirt changes, what is a sensible behaviour for dnsmasq? [08:57] persia: Darned if I know. [08:57] as I see it, we have several options, as follows: [08:57] 1) bind to some specific interface(s) [08:58] 2) bind to some specific address(es) [08:58] 3) bind to everything except some specific interface(s) [08:58] 4) bind to everything except some specific address(es) [08:59] Based on your assertion that it seems strange for a DHCP server to be promiscuous, I think 1 or 2 makes more sense. [08:59] The trouble is that what constitues "sane defaults" differs across the different services dnsmasq provides. [08:59] (and if people want a real DNS server, they should be using bind or something) [08:59] But dnsmasq only has a single configuration for all services. [08:59] Precisely. [08:59] Well... It does now. [08:59] that /could/ change, but I'm not too hot on the idea of having three different dnsmasq processes running by default. [08:59] As a result, I assert dnsmasq is intended to provide convenient local networks for managing stuff like virtual hosts, embedded devices, etc. [09:00] And that it's *not* intended to be a service for production networks. [09:00] soren: Or six, for the use case we're trying to support :) [09:01] persia: 6? wow :) [09:01] I was thinking one per service. [09:01] 3 from libvirt and 3 from dnsmasq [09:01] Right, one per service, per caller. [09:01] Ah. [09:02] But I agree that 6 processes is 1) overly heavy, and 2) takes away the advantage of dnsmasq being small and simple. [09:02] Quite. [09:02] So let's ignore that possibility. [09:03] Which leaves us with the inclusive-list vs. exclusive-list and interface vs. address decisions. [09:03] (for dnsmasq as a standalone server: dnsmasq-in-libvert already took the decision to use inclusive addresses) [09:05] So, this seems to be to be a sane default, but it means that one is required to have a static address defined where one intends to use dnsmasq-standalone. Does this seem overly onerous? [09:05] also, what's a sane default for this network address? === [1]Omr is now known as Omr [09:07] New bug: #514274 in samba (main) "NTLMv2 Authentication Not Enabled By Default" [Wishlist,Confirmed] https://launchpad.net/bugs/514274 [09:11] lan cabel is adapted but no internet connektion [09:13] persia: if you're talking about using exclude vs. include to tell dnsmasq which interfaces to serve DHCP/DNS/TFTP on, I'd say it depends on whether you expect *most* interfaces to be serviced. [09:14] I've always used interfaces over addresses, simply on the basis that the interface name is less likely to change suddenly. [09:15] twb: Well, it depends on the environment. libvirt (sensibly) does it based on the address because that's not a good assumption in that environment. [09:16] But if we assume that dnsmasq running as a system service is typically in an environment that does have static interfaces, what do we select as a sane default? [09:16] (and note that with the wide availability of USB interfaces, this may not be entirely safe, depending) [09:16] udev ought to do its job [09:16] wrt persistent net interfaces [09:17] Tangential question: when libvirt's using kvm, does it use qemu's built-in DHCP/TFTP instead of dnsmasq? [09:18] It always uses dnsmasq, but in a special way. [09:18] Heh. "special" [09:18] But this breaks the default "do everything everywhere" function of dnsmasq, because of a conflict on virbr%d [09:36] New bug: #526308 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/526308 [09:38] * persia feels stalled on suggestions for sane defaults, and sets aside the dnsmasq/libvirt stuff until someone has some good suggestions [09:40] So-rry [09:41] "It doesn't matter if you're right or wrong, so long as you're definite"? [09:41] persia: apart from the "DHCP server should probably not be promiscuous" objection, what is the drawback of following option (3) above ? [09:41] (once --listen-address polls rather than quits early) [09:41] Well, it's more work (dnsmasq needs to be able to handle some wildcards or accept runtime hinting). [09:42] persia: let's see what Simon suggests on the bug [09:42] OK. [09:42] persia: he happens to be upstream and debian maintainer for dnsmasq [09:43] persia: he usually comes up with helpful suggestions :) [09:43] ttx: I think that the default is good for dnsmasq if not used twice on the same system. [09:43] I'm not even sure that the right answer isn't to disable running a separate dnsmasq in libvirt if dnsmasq is already running. [09:43] persia: right, and the "libvirt drops a snippet that changes the main instance behavior" sounds good to me as it doesn't affect general dnsmasq usage [09:44] ttx: And that was the thing to which soren objected : he seemed to feel that libvirt was doing the right thing. [09:44] persia: libvirt is doing the right thing if dnsmasq isn't already running on the same host. [09:45] What is it that we think libvirt does wrong? [09:45] * soren may have missed something. [09:45] That was my thought before soren's objection as well. I think that the concept that dnsmasq should not be promiscuous informs the objection. [09:45] soren: libvirt's dnsmasq breaks the systemwide dnsmasq, if you happen to install it. [09:45] soren: That libvirt ought inform dnsmasq what address not to target when dnsmasq is running as a daemon. [09:46] Or interface. Doesn't really matter. [09:46] ttx: That doesn't quite answer my question. [09:46] I know dnsmasq has a dbus interface. I don't know what it's for, though. Is that something we could use? [09:46] soren: it was quite limited last time I looked into it. [09:47] Seems to still be the case. [09:47] http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/lucid/dnsmasq/lucid/annotate/head%3A/dbus/DBus-interface [09:47] yep :) [09:47] http://www.thekelleys.org.uk/dnsmasq/docs/DBus-interface [09:48] Not sure if it's still current, but seems to be designed for something entirely different. [09:48] There are two issue with using a config snippet: 1) passing the right address to ignore, and 2) handling the case where libvirt is installed *after* dnsmasq (maybe dnsmasq should have a trigger for config fragments?). [09:48] The issue with dbus is the opposite: libvirt needs to know to send a message if dnsmasq is installed later. [09:48] ttx: Again.. That libvirt breaks the systemwide dnsmasq just says that "they're not playing well together". Can you explain what libvirt does that you think is wrong? [09:50] Note that this could also be interpreted as "systemwide dnsmasq breaks libvirt" depending on startup races. [09:50] soren: it does nothing wrong. But one of them (or both) need to be adjusted to play nice together. [09:51] ttx: Right. And I gather you think libvirt is the one that needs changing? [09:51] * persia thinks both need adjustment [09:51] soren: it looked like a simpler option, with dnsmasq supporting config fragments... but since persia looked into it, it looks a little more complex than that. [09:52] The only other alternative is to hope the user never configures dnsmasq to target the interface/address libvirt selects. [09:52] persia: that's the current status. [09:52] persia: you can solve it by configuration already. [09:52] persia: We can't protect people from shooting themselves in the foot. [09:53] ttx: No, current status is that dnsmasq ships with a configuration that targets the interface/address libvirt selects. We aren't relying on admins being careful, we're breaking by default. [09:53] and I think that has been soren's position: libvirt is doing nothing wrong, if you want to run dnsmasq you should know how to configure it. [09:53] ttx: That sums it up pretty well, yes. [09:54] And following that logic, it makes sense to have dnsmasq ship a config that binds to some user-selected address or interfface with debconf which the user can later change. [09:54] I'm not sure what libvirt could do differently. It only binds to the interface it created itself. If the admin specifically wants to use his system wide dnsmasq (or dhcp3-server) to manage that as well, he shouldn't configure libvirt to do dhcp. [09:54] soren: and persia's position is that currently we are leading people to shoot themselves in the foot by default :) [09:54] So using inclusive, rather than exclusive. [09:54] soren: No, my position is that I've been shot in the foot by my operating system. [09:55] It a bad default for our environment. [09:55] Now, shipping a good default isn't that hard. [09:57] dhcp3-server doesn't do anything by default. It just sits there, waiting for you to configure it. [09:57] But I'd like a suggestion on whether I should be using 172.16.50.122 as a default binding address or eth0 as a default binding interface. [09:57] It doesn't expect to be able to guess which subnet you want and which interfaces you want served. [09:57] Where did 172.16.50.122 come from? [09:57] I forget what bind9 does by default. [09:58] soren: Yeah, but there's no way to configure dnsmasq to do nothing by default unless we ship it disabled, which isn't the usual practice with demons. [09:58] persia: Except dhcp servers. [09:58] soren: just a public address off the top of my head. [09:59] Err, private address (can be used by anyone) [09:59] * persia fails at nomenclature [09:59] Hey, how about this: [10:00] * soren checks a few things to make sure this even makes sense [10:00] Oh, libvirt probably shouldn't be passing --bind-interfaces. That seems wrong. [10:01] Anyway, how about we just disable the dhcp server in dnsmasq by default (or let people configure it through debconf)= [10:01] ? [10:01] isn'tit already the case ? /me checks [10:01] soren: Um, no. The key reason to use --bind-interfaces is to restrict the server to a set of interfaces, rather than doing everything. [10:02] Otherwise --listen-address won't have the effect it does. [10:03] So libvirt should very much be using this. I think libvirt should *also* be using --interface, but that requires fixing the bug in dnsmasq. [10:03] DHCP won't run by default, unless you add dhcp-range= [10:03] --bind-interfaces makes it bind to /all/ interfaces, doesn't it? [10:03] Or am I misreading the docs? [10:03] soren: The opposite. --bind-interfaces makes it bind to specific interfaces, rather than everything. [10:04] "On systems which support it, dnsmasq binds the wildcard address, even when it is listening on only some interfaces." [10:04] i don't even know what that means. [10:04] How do you bind to the wildcard address, but only some interfaces? [10:04] linux supports this, so ignore the first bit. [10:04] You accept any packets with any address to that interface? [10:05] For instance, eth0 might be on 10.100.200.4 but also connected to a local hub is a NAS that has a default interface of 192.168.11.150 and makes tftp requests to load the OS. [10:06] soren: it bind to * but discards packets coming from excluded interfaces [10:06] So if you bind to the wildcard address and eth0, you see that. If you bind to the address, you don't. [10:06] ttx: That's what I thought, but that's exactly what it doesn't do. [10:06] * ttx rerereads dnsmasq.conf [10:06] If you were bound to *, others wouldn't be able to do so as well.. right? [10:07] "It then discards requests that it shouldn't reply to. This has the advantage of working even when interfaces come and go and change address." [10:07] Right. [10:08] ..but only one process can be bound to any one address/port/protocol at any given time. [10:08] ..and the last sentence says this is useful if you're running multiple dnsmasq's. [10:08] ..so I'm confused. [10:09] ah, I see. That sentence describes default behavior, not what happens when bind-interfaces is enabled :) [10:09] Oh. [10:09] Indeed. [10:09] read "By default, dnsmasq binds the wildcard address" [10:09] Oh! [10:09] * soren rereads [10:09] That would make much more sense. [10:09] --bind-interfaces locks it down to specific addresses or interfaces, as specified. [10:09] OH! [10:09] sanity restored. [10:10] Yay. [10:10] Ok, I'm all better now. [10:10] soren: I agree that sentence is slightly confusing, especially with the double meaning of "bind-interfaces" :) [10:10] Right, where were we? [10:10] should be "bind-to-specific-interfaces-rather-than-wildcard" [10:10] Yes. [10:10] Great. Ok. [10:11] OK, so are we agreed that setting --bind-interfaces by default is sane? [10:11] Yes! [10:11] Done. [10:12] * soren wonders why I have this: [10:12] udp 0 0 0.0.0.0:67 0.0.0.0:* 1311/dnsmasq [10:12] Next, since we're using --bind-interfaces, we need to select some address or interfaces to which to bind. [10:12] I suggest we ought bind to eth0 by default. [10:13] Did we conclude that dnsmasq doesn't do dhcp by default? [10:14] * soren crosses fingers [10:14] * persia reads the config again [10:14] yes, no dhcp-range by default [10:14] "Uncomment this to enable the integrated DHCP server" [10:14] #dhcp-range=192.168.0.50,192.168.0.150,12h [10:14] Woo! [10:15] Ok. [10:15] Right, which collides with the default range of a number of consumer routers. [10:15] So, what we want to do, really, is to make sure the out-of-the-box experience isn't broken. [10:15] So, if we bind by default to eth0, we only provide dns and tftp, and if someone wants dchp, they touched the config file. [10:15] That's always the goal. Part of the "Just Works" ethic. [10:16] Assuming people don't fiddle with anything at all, just --except-interfaces virbr0 would actually do. [10:16] Well, no, because we can't guarantee that virbr%d will be virbr0 [10:16] I know this is counter to what I've been arguing all along, but I honestly thought it had dhcp enabled by default. The fact that it doesn't, changes things. [10:16] persia: Out of the box, yes we can. [10:17] persia: tftp server is disabled by default, FWIW [10:17] "#enable-tftp" [10:17] by default it only does DNS [10:17] And now I understand why it didn't seem to work at all, even aside from crashing on start :) [10:17] * persia didn't need or even really want the dns part [10:18] by default it doies DNS and reads forwarding server from /etc/resolv.conf [10:18] thats' all it does. [10:18] So, libvirt upstream suggests that we configure dnsmasq like http://wiki.libvirt.org/page/Libvirtd_and_dnsmasq if we want to use it with libvirt. [10:19] This matches what we almost decided, but since it doesn't do anything by default, I have a feeling we might decide something else. [10:22] soren: So have you returned to the idea that libvirt ought provide a config fragment that adds bind-interfaces and exclude-interface=virbr0 and dnsmasq ought have a trigger that detects config fragments and restarts? [10:22] (which ttx suggested 3 months ago, and I thought was good before asking people about it) [10:25] ttx: And are you happy with the combination of --bind-interface and --listen-address in libvirt, rather than using --interface directly as you suggest in your bug comment? [10:25] does ubuntu server 9.04 have sshd on it ? [10:25] i mean installation media [10:26] kwork: openssh-server is on the CD and in repos [10:26] not package [10:26] i mean can i run sshd off livecd [10:27] kwork: yes - you can run a complete system, installing whatever on liveCD [10:27] hmmmz okey [10:27] kwork: LiveCD does not "persist" across reboots without extra setup ofcourse [10:28] yes, i just need sshd to access that machine remotely for a while [10:28] thanks anyways [10:28] no problems [10:28] persia: I wouldn't complain if you just added except-interfaces=virbr0 to dnsmasq's default configuration. [10:29] soren: Um, why? That breaks the case for people who don7t use libvirt. [10:29] persia: I'm ok with it. [10:30] sorry to ask again, but want to know your opinion: if anyone had to develop an application which has to be modular and run in a *nix enviorenment, which programming language will you choose? [10:30] persia: why? [10:30] soren: Because maybe they want some virtual machine using virbr0 to get pass-through DNS? [10:31] If we put the snipped in libvirt, this always works. If we put it in the default dnsmasq config, the user has to manually configure dnsmasq if not using libvirt. [10:34] persia: Hey, feel free to add as many bells and whistles as you like. I'm just saying I'd be fine with the simple approach, which I doubt will cause many real surprises. [10:35] OK. Then I'll proceed with the following: [10:35] 1) make sure dnsmasq has a trigger to restart if anyone adds config files [10:36] 2) have libvirt provide a config file with --bind-interfaces and --exclude-interface [10:36] 3) file a new bug on libvirt and dnsmasq about the --interface race condition. [10:36] Oh, and 0) update the current bug afrer my current meeting to reflect that plan [10:37] persia: sounds good to me. [10:53] hi, there i am migrating ldap-samba to another server and when i do net rpc getsid it is taking some different sambaid not the same that i got from ldap. any idea? === nirvanis_ is now known as nirvanis [12:14] ttx: i haven't written all the MIRs cause i'm *still* waiting for heartbeat, cluster-agents and pacemaker to be built (uploaded 5-6 days ago) [12:22] hi folks - I'm having some problems setting up Cyrus by following this guide: https://help.ubuntu.com/community/Cyrus - all is fine except the final two commands in the Mailbox creation section - it won't let me login to cryadm using the password I specified in the previous commands [12:22] any suggestions? [12:26] ivoks: Oh, wow. [12:26] ivoks: heartbeat says " * Start in 9 minutes (1855) What's this? [12:26] Whoops :) [12:26] :) [12:27] 9 minutes.. Any minute now :) [12:27] soren: Start 2010-02-24 [12:27] ivoks: Which arch? [12:27] ia64 [12:28] pft [12:28] Who cares? :) [12:28] well, until all archs are build, packages aren't available [12:28] built [12:29] For MIR, we only really care about release architectures. [12:29] afaik [12:30] would it be possible to have both rhcs and pacemaker in main? [12:31] In terms of what? [12:31] or at least just demote cman and rgmanager binaries [12:31] there are some tools built with support for cman, likve clvm [12:31] if we drop libcman to universe, we'll have to drop cman support for clvm [12:32] and that will blow up some working installations [12:32] E: cluster-glue: binary-or-shlib-defines-rpath ./usr/lib/stonith/plugins/stonith2/ipmilan.so /usr/lib [12:33] cr@p [12:38] ivoks: so all packages are uploaded, MIR are blocked on package build, and the rest of the spec can be pushed back to beta1 ? [12:38] ttx: yes [12:39] ivoks: OK. I suggest we just drop "create cluster task for tasksel"... since it's now past-FF ? [12:40] ttx: eh :/ [12:40] ttx: i'll try with FFE [12:41] New bug: #526416 in drbd8 (main) "package drbd8-source 2:8.3.3-0ubuntu2 failed to install/upgrade: drbd8 kernel module failed to build" [Undecided,New] https://launchpad.net/bugs/526416 [12:42] ivoks: ok, I just updated work items accordingly. [12:42] ok, thanks [12:47] New bug: #526418 in samba (main) "Samba-common-bin installed post-installation script fails with error 2" [Undecided,New] https://launchpad.net/bugs/526418 [12:49] ivoks: looks like score 1855 is synonymous to "never" :/ [12:49] eh? [12:49] well, heartbeat/amd64 was set to occur in 2 minutes, 10 minutes ago... now it says "20 minutes" [12:50] yeah, i had same issue with cluster-glue [12:50] it took 5 days for it to build [12:50] it was on on sunday evening, iirc [12:50] and published yesterday [12:50] ivoks: you might try to ask for help on ubuntu-devel, if you can convince any of the ones with scorepumping powers to help you [12:51] crested is inoperational, which has significantly slowed the amd64 queue for the past few days. [12:51] or... do everything in my ppa and sell it as a addition to ubuntu server :D [12:51] It's more than scorepumping, it's that a job needs killing. [12:51] has anyone done a live migration with virsh on Ubuntu 9.10? I get an Unknown Failure, http://pastebin.ubuntu.com/382228/ [12:51] persia: amd64 is ok [12:52] persia: ia64 is what's killing my packages [12:52] ivoks: not really. ia64 will not prevent publishing [12:52] well, are you sure? [12:52] * persia was referring to "heartbeat/amd64 was set to occur in 2 minutes, 10 minutes ago... now it says "20 minutes"" and is apparently confusing two separate issues. [12:52] i had cluster-glue publishing waiting for sparc and ia64 [12:53] iirc [12:53] ivoks: iIrc I had packages published once i386/amd64 were done [12:53] ok, then i'll just wait for heartbeat to finish [12:53] on amd64 [12:54] and this one: [12:54] https://edge.launchpad.net/ubuntu/+source/cluster-agents/1:1.0.2-0ubuntu1/+build/1514717 [12:55] this one will be blocked in NEW [12:55] awesome :/ [12:56] morning [12:56] hi [12:57] zul [12:57] hi anybody [13:02] New bug: #526430 in postfix (main) "can't completely remove dovecot-postfix" [Undecided,New] https://launchpad.net/bugs/526430 [13:40] good morning all. [13:51] I want to block entire countries from accessing my mail server. spam is heavy today [13:52] antispam is actually quite easy these days [13:53] blocking countries would be pointless [13:53] disagreed [13:53] i have no interest any email originating from Russia / Pan Pacific [13:54] ivoks if 5% of 3million emails make it through in one 24 hour period, how many spam emails is that [13:54] bogeyd6: do you use RBLs? [13:55] rbls and greylisting kill 99,99% of spam [13:55] ivoks: yep :) [13:55] abuseat, spamcop, spamhaus, wpbl [13:56] use a tagging/blocking system. if you popup on two you are blocked, if you only hit on one you are tagged [13:56] Server Status [13:56] Server Uptime [13:56] 21 hours, 57 minutes [13:56] Storage Occupied [13:56] Total Storage [13:56] 341.7 GB [13:56] Storage Occupied [13:56] 146.4 GB [13:56] Percent [13:56] 43 % [13:56] 43% - Storage Occupie [13:56] 57% - Storage Fre [13:56] Antivirus statistics [13:56] Attachments checked [13:56] 8 326 674 [13:56] Viruses found [13:56] 262 [13:56] Prohibited filenames/MIME types found [13:57] bogeyd6: I've found b.barracudacentral.org to be pretty good. [13:57] !pastebin [13:57] 65 080 [13:57] For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic. [13:57] 0% - Viruses foun [13:57] 100% - Attachments without viruse [13:57] Spam filter statistics [13:59] sorry, a thousand space apologies [13:59] bogeyd6: your fine, just please try use a pastebin :) [13:59] it showed as a copy on one line, i guess i should have checked in a notepad first [14:00] screen-x, this is my past 21 hours http://paste.ubuntu.com/382267/ [14:02] soren: https://edge.launchpad.net/ubuntu/+source/cluster-agents [14:02] soren: now, all except ia64 are built [14:02] soren: but it won't be published before ia64 is built :/ [14:03] bogeyd6: What do you use to allow your users to mark messages as spam? [14:03] screen-x, spamassasin [14:04] ivoks: You could beg an archive-admin, as you "want to get it in for Alpha-3, and don't think ia64 is release quality for Alpha-3 anyway" ... [14:04] bogeyd6: ok, but how do you present that to users? [14:04] Spam button [14:04] persia: i'll skip [14:05] persia: it can be done after alpha3 [14:05] go into junk folder hit not spam [14:05] but if blocked, there is no option because it never arrives [14:06] ivoks, running zimbra [14:06] i have zimbra on one location [14:06] hate it's search engine [14:06] hate it cause you can't connect it to anything but outlook [14:06] so, i just hate it [14:07] agreed* [14:07] plus the resource usage!!! [14:08] * jgjones like zimbra [14:08] omg, zimbra, 20 users, dual 2.4ghz's, 4gb ram, Load Average? 1.42, 1.60, 1.65 [14:08] we don't use outlook at all anyway - all staff prefer the webmail version anyway. [14:08] jgjones, you ever roll out the desktop? [14:09] jgjones: have you tried searching for an email? [14:09] search - yup - I find it quite good [14:09] I tend to use advanced [14:10] search by folder, date range, subject, to, from, tags, domain etc - quite a lot of options to use [14:10] bogeyd6, no - we don't use zimbra desktop [14:10] its search is too yahoo like [14:10] makes google searchers disoriented [14:10] ttx: is today's eucalyptus package happier for you? [14:12] kirkland: I'm testing the ISO right now [14:12] New bug: #526461 in eucalyptus (main) "UEC installer no longer proposes CLC+Walrus+CC+SC by default" [Undecided,New] https://launchpad.net/bugs/526461 [14:12] ttx: i saw your new bug about the clc+++ not being selected [14:12] ttx: figured you might be testing it ;-) [14:12] yes, istr it was selected before [14:12] heh [14:12] doing a manual install remembers me of good ol days [14:12] ttx: i think so too [14:13] bogeyd6, heh well I haven't had any problem so far as long as I use advanced and not treat it as a "Google" search. [14:13] ttx: :-) automation does take a lot of the fun out of it [14:13] ttx: you should try it on mathiaz' test rig [14:14] ivoks, can't connect to anything but outlook? um, it does have IMAP, POP3 etc so you could use any email client really [14:14] kirkland: it doesn't select node on the node install either. Will update, probably the same bug [14:14] jgjones: but address book isn't usable [14:14] jgjones: you can't share them between users [14:14] ttx: hmm, i wonder what changed recently ... should check with cjwatson [14:15] ttx: we haven't touched anything like that on the eucalyptus side in a long time [14:15] I did touch eucalyptus-udeb, but nothing around the default choices [14:15] might be a d-i bug [14:15] jgjones: there are also tasks and calendars [14:16] jgjones: those are not usable on any other client, except outlook and web client [14:16] Is the question posted here correct? http://tinyurl.com/yz2cuf7 Does Walrus really store the full files on the cloud controller? Aren't they distributed throughout the cluster? [14:16] jgjones: all those things almost make exchange best groupware suite for linux clients :D i find that ironic... [14:17] take care [14:17] New bug: #526464 in samba (main) "intermittent authentication: check_ntlm_password: Authentication for user [someuser] -> [someuser] FAILED with error NT_STATUS_ACCESS_DENIED" [Undecided,New] https://launchpad.net/bugs/526464 [14:17] ivoks, yup - which is why we tend to just use web client only - we don't use Outlook at all anyway. [14:18] Speed of webmail haven't been an issue. [14:25] ttx: do you want me to seed etckeeper for you? [14:26] zul: I was wondering what mathiaz's plan was. Recommend it from puppet or suggest/seed it [14:27] ttx: gotcha [14:27] I suppose it's the latter, but let's wait a few minutes more [14:28] or less than a few minutes. [14:28] mathiaz: [14:28] ttx: do you want me to seed etckeeper for you? [14:28] zul: I was wondering what mathiaz's plan was. Recommend it from puppet or suggest/seed it [14:28] ttx: gotcha [14:28] I suppose it's the latter, but let's wait a few minutes more [14:29] hmmm - I was thinking about suggesting it [14:30] Only suggest? It makes life so much easier. [14:30] persia: from puppet. [14:30] ttx: how does etckeeper handle the fact that /etc is already under vcs? [14:30] persia: we should aim for an installer question for lucid+1 [14:31] Ah. so suggest/seed rather than just suggest. Never mind. [14:31] mathiaz: it handles it well if you select the same vcs... basicaly it will check for /etc/.bzr existence [14:31] mathiaz: but if you use a combination of VCSs... [14:31] ttx: there is also the fact that etckeeper pulls in bzr by default on Ubunut [14:32] ttx: and some admin may prefer another vcs by default [14:32] mathiaz: they can still use another one [14:32] ttx: vcs choices can be a touchy subject [14:32] ttx: agreed - the question here is about the *default* [14:32] mathiaz: etckeeper uninit, edit config, etckeeper init [14:32] mathiaz: well, any default will hurt someone [14:32] ttx: you install puppet and suddenly you get bzr as well while you're git fan [14:33] mathiaz: no [14:33] mathiaz: if you already have git installed, it won't install bzr :P [14:33] ttx: if puppet recommends etckeeper [14:33] ttx: ah ok [14:33] Depends: bzr (>= 1.4~) | git-core (>= 1:1.5.4) | mercurial | darcs, debconf (>= 0.5) | debconf-2.0 [14:33] ttx: cool [14:34] mathiaz: hmm [14:34] mathiaz: it might fail: though, since the config file doesn't autoadapt [14:34] i.e. we ship VCS=bzr in all cases [14:34] (and Debian ships VCS=git in all cases) [14:34] mathiaz: but that would be a bug [14:35] just preventing initialization at install-time [14:35] ttx: ok [14:35] but I agree that recommending might be overkill [14:35] ttx: we should ask the debian maintainer team what they think about it [14:36] ttx: for the time being, I'd seed etckeeper on the server iso (server-ship) [14:36] mathiaz: right. [14:36] ttx: since we're planning on lucid+1 integration [14:36] sul: ^ [14:36] zul: ^ [14:36] and gul: ^ [14:37] ttx: and we'll talk with the debian maintainer about etckeeper support [14:38] acked [14:39] done [14:40] zul: thanks [14:48] kirkland: hm.. my instance run test still fails with 1.6.2-0ubuntu3 [14:48] "Caught exception reading instance data" [14:48] * ttx investigates [14:51] ttx: how did you bundle it? [14:51] ttx: i found i had to bundle the image by hand (see my notes and pointer to the other bug in cloud-utils) [14:52] kirkland: I bundled it using uec-register-tarball, but my image started ok... and is "running" [14:52] just blocks at "Caught exception reading instance data" which is a symptom of the ephemeral0 bug [14:52] will try manually though [14:54] kirkland: how did you test exactly ? Upgrade, then run a recent lucid image ? [14:57] ttx: yes, i ran yesterday's lucid image [14:57] ttx: upgrade, correct [14:57] ttx: i did a clean restart, then a reboot [14:59] beh. [14:59] * ttx digs deeper [15:03] might be related to uec-register-tarball indeed [15:08] kirkland: yep, you were right. [15:08] ttx: i filed a bug, though smoser says it may be a dupe [15:09] kirkland: commented [15:09] Looks like trying to use one of those images breaks eucalyptus [15:09] the original error is some failure to serve ramdisk-id metadata in eucalyptus [15:10] (looking at cloud-error.log) [15:10] kirkland, ttx i'll address uec-registre-tarball today.. [15:10] so the way uec-register-tarball registers images makes them fail in UEC. [15:10] smoser: that would be great [15:10] yep, I wanted to rewrite the test instructions so that they look sane :) [15:12] yeah. [15:18] smoser: I filed bug 526504 as well [15:18] Launchpad bug 526504 in cloud-utils "uec-publish-tarball should gracefully fail when run before eucarc is sourced" [Undecided,New] https://launchpad.net/bugs/526504 [15:20] ttx, i nominated bug 525989 for lucid. i would like to have it fixed and incorporated today for alpha3 if you think that s possible? [15:20] Launchpad bug 525989 in cloud-utils "uec-publish-tarball yields unrunnable emi" [Medium,Confirmed] https://launchpad.net/bugs/525989 [15:22] smoser: yes, that would be good to have [15:23] smoser: if nothing more urgent comes up [15:23] ok. then please accept nomination for lucid. [15:23] like omgimagefails [15:23] or omgboothookconfigfails [15:24] ttx, kirkland also, the symlink thing (bug 522292) has an easy fix in euca2ools [15:24] Launchpad bug 522292 in euca2ools "euca-bundle-image fails to use symbolic links" [Medium,In progress] https://launchpad.net/bugs/522292 [15:24] that i marked as beta-1 [15:24] smoser: i see that ... we can problem get that in right now [15:24] smoser: i'll need to ask slangasek for an exception [15:25] kirkland: why ? [15:25] it is a bug, right? the "freeze" is not solid, right? [15:26] smoser: I'd tend to agree with you [15:27] kirkland: tested your SRU and it works fine, but discovered a new bug 526506 [15:27] Launchpad bug 526506 in eucalyptus "[karmic]: attaching volume to /dev/sda results in non operational node" [Undecided,New] https://launchpad.net/bugs/526506 [15:27] smoser: would you have a boothook test config ? [15:27] smoser: something we could add to http://testcases.qa.ubuntu.com/System/UECCloudImages [15:28] TeTeT: introduced by that SRU? [15:28] smoser: to validate boothooks are doing the proper thing [15:28] there is one in cloudinit examples/ [15:28] kirkland: I doubt it [15:28] kirkland: it's independent of it, having to do with volumes [15:29] ttx, sorry, doc [15:29] TeTeT: okay, please file a new bug, but please don't muddy the water in that other sru, if you don't believe its a regression [15:29] kirkland: no, filed a new bug, bug 526506 [15:29] Launchpad bug 526506 in eucalyptus "[karmic]: attaching volume to /dev/sda results in non operational node" [Undecided,New] https://launchpad.net/bugs/526506 [15:29] ttx: why what? [15:29] smoser: i'll need to ask slangasek for an exception [15:30] ttx: why fix it? or why ask for an exception? [15:30] kirkland: why ask for an exception ? [15:31] ttx: okay, i won't [15:31] ttx: it's not disruptive [15:32] I have what is hopefully a quick question about ubuntu networking and dual NIC's. I have a server setup and am using it as a VM server using VMWare server 2.0.2 (no this question has nothing to do with VMWare). I have logged my server onto AD with a hostname: server.domain.local, i can ping the static IP I have set it to on eth0, works great. I added the second nic -> /etc/network/interfaces, for dhcp. When I start the interface, [15:32] kirkland: as long as it's in today, i think you can just upload it. [15:32] ttx: ack [15:33] I expect a few rerolls given the bugs already reported. [15:34] ttx: smoser: euca2ools uploaded! [15:35] ttx: smoser: i'll propose a merge to upstream with the change too [15:37] New bug: #526506 in eucalyptus (main) "[karmic]: attaching volume to /dev/sda results in non operational node" [Undecided,New] https://launchpad.net/bugs/526506 [15:38] kirkland: also please comment on https://bugs.launchpad.net/ubuntu/+source/eucalyptus/+bug/455746/comments/2 [15:38] Launchpad bug 455746 in eucalyptus "postfix should be preseeded appropriately when pulled in by the UEC cluster controller installer target" [Wishlist,Triaged] [15:39] ttx: yes, i agree that we should set the postfix value when installing uec [15:40] Anyone? [15:40] ttx: are you assigning this to me? [15:40] Or rather my question is wrong, how do I assign a new hostname to the secondary NIC? [15:40] kirkland: I'm unsure how easy it is though. Passing preseed values from udeb to deb sounded tricky last time I looked into it [15:41] ttx: hmm, i wouldn't have thought it was that complicated [15:41] dasunsrule32: in DNS? [15:41] ttx: i would have thought it was just a db_set [15:42] kirkland: IIRC one is installed on the installer / and the other in the installed-system chroot [15:42] so it's not the same DB [15:42] but cjwatson would know better -- and know how to best do it [15:43] preseed it with owner 'postfix' [15:43] it's a little fiddly, point me to a bug and I can do it [15:43] oh, that bug [15:43] cjwatson: heh [15:43] give me the key/value pair(s) you want preseeded [15:44] kirkland: could you determine the right postfix-for-CC conf and send it to cjwatson ? [15:45] Hi everyone. [15:45] (this is partly because I can't remember the precise runes without looking, and recall some slight weirdness, nothing major) [15:45] ttx: cjwatson: yes, sure, i will [15:45] at worst you end up manually writing something into a logfile [15:45] I am unsure which option makes the most sense in that precise use case [15:45] kirkland: if you look at the uec_clc template on tamarind you'll have an example of the preseed options for postfix [15:46] kirkland: postfix postfix/mailname and postfix postfix/main_mailer_type are what you're looking for [15:46] mathiaz: which option did you chose ? Local only ? [15:47] ttx: postfix postfix/main_mailer_type select Internet Site [15:47] ttx: it should probably be something else - the comment you made in the bug makes sense [15:48] ttx: the tricky part would actually be postfix postfix/mailname [15:48] Etienne suggested "Local only" [15:48] ttx: as this would be depend on the system being installed [15:48] ttx: I'm not sure why postfix/mailname is set to a high priority [15:51] screen-x: that is where I am not sure [15:51] dasunsrule32: it depends what you're trying to do [15:52] I preferred to keep eth1 with DHCP [15:52] it will be used as the host port for the VM servers taht I will be installeing [15:52] and then those servers will be bridging to a staic IP [15:53] Does euchalyptus support virtual guests yet? [15:53] but the problem going DHCP, at least with MSDCHP, is it keeps assigning the same hostname to eth1 [15:54] even though it is an entirely different MAC [16:01] mathiaz: because there's no good default for mailname [16:02] screen-x: I guess the question is, would it be better to assign a static IP to eth1, and not worry about a host name, or would is there a way to have a hostname assigned to eth1 vi /etc/hostname or /etc/network/interfaces? [16:03] dasunsrule32, But it in your dhcp client config to set the hostname [16:03] dasunsrule32: hostnames are usually per machine, not NIC. [16:03] dasunsrule32: but it may be useful to have multiple name referring to the same machine, eg for virtual hosting [16:04] dasunsrule32: You could you bond the NICs, then use one IP and DNS entry for both [16:05] lamont: how about defaulting to the hostname? [16:05] dasunsrule32, Your windows dhcp is giving you a hostname different from what you want, right? [16:06] If so, just override that in your dhclient config [16:06] see debian policy around /etc/mailname - (meeting) [16:07] SEJeff: Yes, it is assigning server.domain.local to eth0 & eth1 [16:07] dasunsrule32, karmic? [16:07] screen-x: how would that work? [16:07] SEJeff: yes [16:07] server edition [16:07] First, read the man page for dhclient.conf. Then edit /etc/dhcp3/dhclient.conf [16:07] Oh a server should not dhcp [16:08] SEJeff: really? [16:08] dasunsrule32, Put something like this: supersede host-name "dasunrules32.awesome.int"; [16:08] The only reason I wanted eth1 as DHCP, simply a bridge [16:08] screen-x, Please tell me you're kidding [16:08] lol [16:08] dasunsrule32, Well this is a super simple problem, again, just edit the dhclient.conf like I showed and it will work [16:09] I do this to keep from getting the gross hostname our enterprise dhcp servers try to give me on this Karmic desktop at work. [16:09] SEJeff: nope, not kidding, whats the argument against using DHCP on servers? [16:09] let me take a look at that [16:10] screen-x, Gee, what happens when your lease expires on your mailserver and your dhcp server is dead? [16:10] screen-x: depends on your application and how well your DNS and DHCP servers work [16:10] ;-) [16:10] Your mail server goes offline. Lets hope you have serial setup when that happens :) [16:10] I use DHCP for ghost servers [16:10] ;-) [16:10] SEJeff: long leases, and redundant DHCP. [16:11] more working parts == more problems [16:11] lol [16:11] SEJeff: it seems to me to be a good way of assigning IPs centrally. [16:11] I've setup redundant servers and am a sysadmin by trade. That doesn't make it right [16:11] That is called dns [16:11] Use a deployment system and config management. That is the right way [16:11] Like cobbler + puppet [16:12] dasunsrule32, Did that dhclient option answer your original question before we got off subject? [16:13] SEJeff: I am looking at the config file, looks like I can assign an interface an alias [16:13] which should in turn, assign the [16:14] alias as the hostname, I think this is what I need. [16:14] glad to help [16:14] I am just trying to assign eth1 as "server-vm-bridge" [16:14] Thanks [16:17] smoser: ttx: hrm, my euca2ools changes were rejected [16:17] ttx,mathiaz: so is the answer to set postfix/main_mailer_type to 'Internet Site', and that's all? [16:17] smoser: ttx: seems someone didn't commit their last changes to the bzr branch before uploading [16:18] kirkland: arh [16:18] that must be me [16:18] ttx: okay ;-) [16:18] Forgot the branch is not a packaging branch [16:18] kirkland, you took the patch right ? [16:18] ttx: no prob, just checking [16:18] or did you take that branch [16:18] because the branch had one other improvement [16:18] which i was planning on opening a beta1 bug for [16:19] (the parsing of the .eucarc is disgusting) [16:19] smoser: looks like 1.2-0ubuntu2 was uploaded about 7 hours ago, fixing LP: #524652 [16:19] yes, I did that this morning [16:19] smoser: i did a bzr pull of lp:~ubuntu-core-dev/eucalyptus/euca2ools [16:19] kirkland: i'll merge [16:19] smoser: didn't see any changes, so i fixed the symlink problem [16:19] ttx: thanks [16:20] smoser: when i uploaded, my 1.2-0ubuntu2 collided with the 1.2-0ubuntu2 that ttx had already uploaded [16:20] fair. [16:20] i had linked a branch to the symlink bug that had other fixes. [16:20] i was asking if you merged from that branch to yours. apparently not, which is good. [16:20] I worked from the packaging branch [16:21] smoser: that's what your branch was branched from, right [16:21] my branhc was from euca upstream [16:21] but it doesn't matter becaues kirkland didn't merge from branch [16:22] merge worked nevertheless :P [16:22] oh, for you, ttx, yes, i did. [16:25] ttx: http://paste.ubuntu.com/382351/ [16:26] ttx: ^^ this is the list of postfix configuration available [16:26] ttx: I think Internet site seems to be the best option [16:26] ttx: Local only wouldn't work - as emails should be send out [16:26] ttx: another option would be Satellite system [16:29] ttx: by that means guessing the relayhost [16:29] ttx: which by default is smtp.domainname [16:33] mathiaz: i tend to agree -- i usually select "internet site" [16:34] arh, now the dreaded "different rich-root support" [16:34] * ttx starts over [16:34] ttx: i can do it, if you're occupied... [16:35] kirkland: nah, I must fix my own screwups :) [16:35] ttx: what should i milestone the postfix thing against? a3 or b1? [16:35] ttx: don't beat yourself up :-) [16:36] I'd just keep it targeted to "lucid", no milestone [16:36] cjwatson: so the answer to set postfix/main_mailer_type should be 'Internet Site' [16:37] cjwatson: the tricky part will be to answer postfix postfix/mailname [16:39] kirkland: ok, you should be able to upload/release 1.2-0ubuntu3 from rev262 I just committed [16:40] mathiaz: and I'm very sorry about that. :( [16:40] ttx: cool, let me pull [16:42] mathiaz: or arrange for postfix not to be installed by default, if possible [16:42] which is the approach we've taken until now [16:43] cjwatson: I don't know that the hackery behind postfix install-time installation is still happy, btw - it wants to be post d-i [16:44] lamont: "post d-i"? [16:44] cjwatson: I'm thinking warty and base install [16:44] no [16:44] not happening :) [16:44] right [16:44] I am NOT resurrecting that code [16:44] so not happening [16:45] how in particular is it unhappy right now? [16:46] mathiaz: I've committed a eucalyptus fix, but I'm hesitant to mark the bug "fix committed" or to upload yet, until we know what's happening with postfix/mailname [16:46] perhaps that is not fixable [16:46] mathiaz: but in the meantime, feel free to make further changes based on what I did - the pattern should be clear now [16:46] cjwatson: there's at least one variable in the config template that caused me lots and lots of pain and is not preseedable to other than the default, or some such [16:48] cjwatson: I'll dig into it after dinner tonight [16:48] well, if you can send me details of why it's behaving differently in d-i versus post-d-i, I can look into that [16:49] oh - I totally don't remember what it was, but it had to do with something that gets set up in baseconfig (handwavy) but isn't there when postfix was getting configured then [16:49] that was 5 years ago, dude === jono_ is now known as jono === jono is now known as Guest66435 [17:18] jiboumans: hi - what's the list of blueprints you're considering for the next sub-cycle? [17:31] my nic card is out, and i am getting siocsifflags when I try use ifconfig eth0 up. how do i get it working? or should i replace it? [17:31] I am thinking about running Squid Proxy in a UEC. Is this even feasible? [17:40] SEJeff: I tried the DHCP "supercede" and it complains about missing a semi-colon, I tried it in alias{} section and lease{} section, then the wierd stuff. I set eth1 to static, and restart the network services, and now it creates a virtual adapter that doesn't allow the real eth1 to start correctly, any ideas? [17:44] bug 524434 [17:44] Launchpad bug 524434 in ubuntu "Lucid Alpha 2 server iso install fails at bootloader in KVM" [Undecided,Confirmed] https://launchpad.net/bugs/524434 [17:51] in ubuntu with postfix/dovecot how can i just the older mail.log from lets say february 11 [17:53] errr how can i see* === nirvanis_ is now known as nirvanis [18:11] New bug: #526591 in euca2ools (main) "euca2ools parsing of config file is severely limited" [Undecided,New] https://launchpad.net/bugs/526591 [18:24] kirkland, i just opened bug https://bugs.launchpad.net/ubuntu/+source/euca2ools/+bug/526591 [18:24] Launchpad bug 526591 in euca2ools "euca2ools parsing of config file is severely limited" [Low,New] [18:25] does anyone know the location of the configuration file that defines log rotation for mail.log postfix/dovecot in ubuntu 8.10 ? I checked /etc/logrotate.d/ and its not there [18:26] smoser: okay [18:26] it has my suggested fix attached. [18:39] New bug: #526587 in dbconfig-common (main) "Sync dbconfig-common 1.8.44 (main) from Debian testing (main)" [Wishlist,New] https://launchpad.net/bugs/526587 [18:58] Is there a way to have likewise-open5 listen only on a specific address? [19:03] Hey all - I've got a very weird issue with networking on 8.10 server on VMware Esx am hoping someone might be able to give me some pointers. [19:13] i am having a nic problem. getting "siocsisfflags error message". i issued dhclient and it gets an ip, however on restart nic is gone from ifconfig. [19:25] what would be smoother upgrading from 9.10 -> 10.04 or from 8.04 to 10.04 [19:26] need to install server for now [19:38] I have a kerberos question, is the communication between server and client encrypted? Say kerberos + telnet is a single singeon ssh? [19:39] every where I read about kerberos the only thing people is describing is the authentication [19:43] for kerberos telnet, encryption is optional [19:43] "-x" flag from the man page [19:44] ssh supports kerberos (GSS-API), use that if you can [19:46] New bug: #523812 in quagga (main) "Quagga reports crash on Karmic" [Medium,Incomplete] https://launchpad.net/bugs/523812 [19:47] thank you msantos, I have read my textbok from back to back to understand if kerberos would encrypt the traffic [19:47] New bug: #515048 in samba (main) "nmbd crashed with SIGSEGV in _IO_vfprintf_internal()" [Low,Incomplete] https://launchpad.net/bugs/515048 [19:48] I'm trying to share a nfs over the internet [19:49] anyway thank you msantos [19:49] regius, np [20:11] smoser: when you get a sec can you look at #524243 [20:11] where does UEC store the images and other bulk of the data? [20:11] New bug: #525209 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.4 failed to install/upgrade: ?????????? ?????????? ???????? post-installation ????????? ??? ?????? 1" [Low,Incomplete] https://launchpad.net/bugs/525209 [20:14] bug 524243 [20:14] Launchpad bug 524243 in python-boto "Python-boto crashes with Duplicity and Amazon S3" [Undecided,New] https://launchpad.net/bugs/524243 [20:15] zul, the bug says that works in lucid, fails in karmic [20:15] err... works with lucid python [20:15] fails with karmic's boto [20:15] s/lucid python/lucid boto/ [20:16] kirkland, are you around? [20:16] smoser: yup [20:16] smoser: sup [20:17] it looks to me like bug 525989 is a eucalyptus mess [20:17] Launchpad bug 525989 in cloud-utils "uec-publish-tarball yields unrunnable emi" [Medium,Confirmed] https://launchpad.net/bugs/525989 [20:17] so i tried to recreate by [20:17] a.) setting up a karmic instance per documentation (without uec-publish-tarball) [20:18] b.) setting up a lucid instance *with* publish-tarball [20:18] i was unable to reproduce [20:18] smoser: ah missed that part [20:18] i notice one thing funny though [20:18] from inside the instance, i crawled metadata service with boto get_instance_metadata() [20:18] it returns : 'ramdisk-id': 'eri-0577198B' [20:19] i think "where in the world did a ramdisk come from!" [20:19] $ euca-describe-images | grep eri-0577198B [20:19] IMAGE emi-DFFB1509 i-20100223142513/karmic-server-uec-amd64.img.manifest.xml admin available public x86_64 machine eri-0577198B eki-252B1A12 [20:19] IMAGE eri-0577198B r-20100223142513/karmic-server-uec-amd64-initrd-virtual.manifest.xml admin available public x86_64 ramdisk [20:20] kirkland, so, in summary, if you have *any* ramdisk registered, even if not with the selected EMI, eucalyptus will tell your instance that its ramdisk ERI is *that* one. [20:20] * marsje is reinstalling someone's Windows laptop... *sigh* [20:21] zul, i saw that bug a while ago too, and thought "uh-oh, boto-1.9b issue". but its the reverse. [20:21] smoser: wtf, that's nuts [20:21] yeah, my guess is you tried with uec-publish-tarball, and it failed. [20:21] smoser: yeah...ill close it as fixed released then [20:21] then you tried with "regular method" and it succeeded. [20:22] or probalby you did a karmic for good measure, ended up getting an eri there and then it would have worked again if you used uec-publish-image [20:24] smoser: i think we have to assume people will have all sorts of images in their UEC [20:24] smoser: perhaps some with ERI's, and some without [20:24] smoser: some published with euca-*, some with uec-*, and some with the image store proxy [20:24] oh shoot! [20:24] i was thinking it just *showed* youthat [20:24] but i think you're right. it *booted* with that ramdisk [20:24] let me verify that [20:25] yep. [20:25] its completely reproducible [20:26] kirkland, http://paste.ubuntu.com/382500/ [20:27] smoser: blargh [20:27] smoser: is this on my local cloud? [20:27] smoser: where are you running this? [20:27] datacenter [20:28] Evening All [20:28] yeah. verified it on my private cloud too. [20:28] Today I setup dual gig .ad bonding [20:28] on my ubuntu based open-iscsi server [20:28] eucalyptus just says "oh, you dont have a ramdisk ? let me get you one" [20:28] and also on my ESXi box [20:28] however, my hdparm testing before vs after is the same speeds :( [20:28] would anyone have any ideas? [20:29] and if there is no ramdisks registered, it will boot without one, but then boto's crawling of the metadata service will fail. [20:29] smoser: quick chat via phone? [20:30] sure. let me post a comment in the bug. [20:30] smoser: okay, call my cell when you're done [20:31] please tell me your not honestly gonna support some guy via cell from IRC :p [20:31] If you are then fair play, heh [20:32] Bullterd, the suggestions would be your storage didnt change so the storage speeds didnt change [20:32] hmmph. [20:32] that would be a good point [20:32] New bug: #525205 in php5 (main) "proc_open() with pty descriptor type fails with errno 14 on amd64" [Medium,Triaged] https://launchpad.net/bugs/525205 [20:32] New bug: #525233 in krb5 (main) "package libk5crypto3 1.7dfsg~beta3-1ubuntu0.4 failed to install/upgrade: package libk5crypto3 is already installed and configured" [Low,Incomplete] https://launchpad.net/bugs/525233 [20:35] ok WTF [20:35] sudo hdparm -tT /dev/sda on my iscsi server gives 13.99MB/sec [20:36] and on my iscsi based virtual machine I get 262 0.o [20:37] 262MB/sec? [20:37] yeah [20:37] is it possible to restart dd after it runs out of diskspace on the destination [20:38] zroysch, only in ddrescue [20:39] damn. [20:39] sucks bad [20:39] i have 1.09gb to get onto like 920gb [20:39] is there any way to compress on the fly [20:39] :( [20:39] pipe it to tar [20:41] or [20:41] gzip [20:41] ala dd if=/dev/hda | gzip > /mnt/hdb1/system_drive_backup.img.gz [20:42] New bug: #526659 in samba (main) "nmbd fails to start at boot time" [Undecided,New] https://launchpad.net/bugs/526659 [20:47] what is the compression of gzip? [20:47] or i guess that depends [20:48] dont want to sit through another days worth of backing up to see it not fit again [20:48] 1.09gb onto 920gb seems doable :p [20:48] oh great [20:48] md2 failing again [20:51] New bug: #526672 in samba (main) "apport hook should provide a Not Applicable choice for all the questions" [Undecided,New] https://launchpad.net/bugs/526672 [20:54] http://pastebin.ca/1807299 [20:54] safe to say the drives are hosed at this point? [20:59] zroysch: lots of words in that pastebin that make me think yes [20:59] run diag with UBC [21:00] man. raid is annoying [21:00] is it true that i should be buying the more expensive drives "designed" for raid [21:00] Nah [21:00] RAID = Redundant array of inexpensive disks [21:00] in the name, lol [21:00] i know what it stands for. [21:01] i dont know what run diag with UBC means [21:01] ultimate boot CD [21:01] has some good hdd scanning tools [21:07] kirkland: bug 522452 [21:07] Launchpad bug 522452 in update-manager "update-motd delays login" [Medium,Triaged] https://launchpad.net/bugs/522452 [21:07] kirkland: this is why I get a delay when ssh into some machines [21:07] mathiaz: ah, yes, let me take a look [21:09] kirkland: IMO none of the script run in update-motd should attempt any network connection [21:10] kirkland: with a firewall that DROP packet it just delays everything [21:11] mathiaz: hmm, i agree that login should be fast/immediate [21:12] mathiaz: previously, these just ran in a cronjob [21:12] mathiaz: i think the network-using scripts should test network connectivity before running it's meat [21:13] kirkland: hm - I'd suggest to decouple the part that requires network and the part that formats the output to be plugged into the motd [21:13] kirkland: run the network part as a cron job/background task [21:14] kirkland: parse its output during login time [21:14] kirkland: IIUC this is what 90-updates-available does [21:14] kirkland: it doesn't run apt-get update [21:14] hello people [21:15] what would be best partitioning for web server on 80 gb hard drive? [21:15] mathiaz: okay, then your gripe is with dpkg -S /etc/update-motd.d/91-release-upgrade [21:15] kirkland: although 90-updates-available is a bit complicated [21:15] mathiaz: not update-motd [21:15] mathiaz: b/c all update-motd (which is in pam_motd) does now is just run the scripts in that dir [21:15] kirkland: right - that's with update-manager [21:16] kirkland: bug 522452 is filed against update-manager [21:16] Launchpad bug 522452 in update-manager "update-motd delays login" [Medium,Triaged] https://launchpad.net/bugs/522452 [21:22] mathiaz: i'm not sure what to say ... [21:23] mathiaz: the network-needing scripts could go back to being cronjobs [21:23] mathiaz: or they could just fork off to the background, writing to a cache file [21:23] kirkland: right - I don't have definitive answer either [21:24] mathiaz: and honestly, i like the current behavior on my systems [21:24] mathiaz: i know that the updates/upgrade information is current as of login [21:24] mathiaz: and for whatever reason, it only takes a split second on my server [21:25] kirkland: right - the use case of having long delays is a valid one [21:25] kirkland: and one I've run into in the DC [21:25] kirkland: we should find a proper balance between freshness of information and fast ssh login === tsimpson is now known as Guest5579 [21:52] New bug: #526697 in euca2ools "euca-describe-images has incorrect order of ramdisk and kernel" [High,Confirmed] https://launchpad.net/bugs/526697 [21:53] is my data recoverable at this point http://pastebin.ca/1807299 [21:59] kirkland, euca2ools new bug (simple fix) https://bugs.launchpad.net/eucalyptus/+bug/526697 [21:59] Launchpad bug 526697 in euca2ools "euca-describe-images has incorrect order of ramdisk and kernel" [High,Confirmed] [22:04] How can I get lucid installed on a KVM virtual machine? [22:04] If I try to install via ISO, it keeps failing at grub... [22:04] Is there an easier way? [22:07] I'm using the amd64 alpha2 cd... [22:08] also, when I press F4 and select "install minimal virtual machine" nothing changes, is that what's supposed to happen? [22:14] Am I supposed to close the server-papercut bug task when I fix something or do I leave it open until the meeting so that everyone can join in and rejoice? [22:28] thafreak: try a daily ISO or wait for alpha 3. I think there might be open bugs with Lucid + KVM. [22:39] sherr: thanks, zsyncing a daily iso now... [23:23] When I try to run apt-get update with two NIC's enabled, it just hangs and will not update, I have to disable eth1 to update, any ideas? [23:28] dasunsrule32: Sounds like a routing issue to me. Are other sorts of http requests affected? [23:29] Well, I do not believe so [23:29] it is the server edition [23:30] e.g. if you run `apt-get --dry-run --print-uris update` ande try to wget that stuff, does it also hang? [23:30] I can ssh in fine with both nic's enabled [23:30] one sec [23:31] Ya, I can't ping anything either [23:32] Yeah. Your server has a routing issue. [23:32] It's able to return incoming connections, but doesn't know how to route the outgoing connections. [23:32] I have been moving services from eth1 to eth0 [23:32] Seems to be [23:32] So sort that, and apt-get will work fine :) [23:32] both NIC's are internal [23:32] to the network [23:32] Are they bonded, or different addresses? [23:33] different IP's [23:33] .2 .3 [23:33] it is a VM server I am building [23:33] .2 will be the web console for vmware [23:33] and .3 will be the bridge [23:33] I have a suspicion that you have competing default routes or something. [23:33] Or maybe no default route. [23:34] `netstat -rn` and `ifconfig -a` are places to start, but it's been long enough since I debugged this sort of thing that I'm not the right person to help you farther than that. [23:34] I did a route -n [23:36] http://pastebin.com/djXe2QDH [23:38] here is my /etc/network/interfaces [23:38] http://pastebin.com/HEsrFgdP [23:48] You do have two default gateways. I think you want just one, and to set up some failover with high-availability scripts. [23:48] But like I said, I haven't played with this in years. [23:49] As a short-term fix, just drop the "gateway" line from one of your interfaces in /etc/network/interfaces [23:49] And go investigate HA solutions to determine best practices. [23:50] Personally, I suspect a bonded interface with two virtual interfaces exposed by the bonding, each with a separate IP is likely to be cleaner (separation of address from interface reduces chance of failure) [23:50] But it's been years, so current best practices may have changed. [23:54] persia, I think you are correct [23:54] I have been working too hard today [23:54] :p [23:55] thank you persia, I will check into bonding [23:55] it is working as needed now [23:56] I can't believe i didn't see that