/srv/irclogs.ubuntu.com/2010/04/06/#ubuntu-server.txt

rbdyck	Last time I re-instsalled Ubuntu, grub said it was setting up hd0. But I have SCSI RAID, so my boot device is sda and its partition is sda1. Is this the boot problem I'm having?	00:26
cloakable	Has anyone gotten dovecot-antispam working on 9.10, and if so, how?	00:46
roy_	Hi, how can you remove all current iptables rules	01:08
=== dendro-afk is now known as dendrobates
MTecknology	roy_: there's a flush option	01:21
MTecknology	iptables -F i think	01:22
roy_	I did this, its because my website says connection refused, what would cause this if its not related to iptables	01:23
RoyK^	it usually means it doesn't listen to that port	01:24
RoyK^	iptables/ufw will normally just drop the packet, not send icmp reply	01:25
rbdyck	I finished formatting my 18.2GB SCSI drives. They were used so I guess it isn't a great surprise that 5 out of 6 work. I think the store I got them from has a couple more.	01:25
roy_	How can i fix this	01:26
=== dendrobates is now known as dendro-afk
MTecknology	Why do you guys suggest using qemu with kvm instead of say xen?	01:51
MTecknology	oh - obvious answer found	01:54
=== dendro-afk is now known as dendrobates
MTecknology	ubuntu-vm-builder is deprecated and vmbuilder is taking it's place - what provides vmbuilder?	02:05
MTecknology	oh... found it :)	02:06
MTecknology	I look and look, ask, then find the answer :P	02:06
ChmEarl	MTecknology, using Xen 4rc8 with pvops 2.6.32.10 kernel on karmic 9.10	02:12
ChmEarl	also without any libvirt	02:13
MTecknology	ChmEarl: isn't libvirt just designed to be an easy to use wrapper around virt tools like xen and kvm?	02:15
=== AntORG_ is now known as AntORG
=== dendrobates is now known as dendro-afk
jongbergs	Tallken, ScottK : thanks for your tip i'll try that..	02:58
MTecknology	!libvirt	02:59
MTecknology	!kvm	02:59
ubottu	kvm is the preferred virtualization approach in Ubuntu. For more information see https://help.ubuntu.com/community/KVM	02:59
MTecknology	I used vmbuilder to build VM's on my system. Then I realized I need to install libvirt-bin. I installed that and then ran virsh -c qemu:///system and in there ran list --all but none of the vm's I made show up. How can I make them show up in this list?	03:02
ChmEarl	MTecknology, (in virsh shell)#define /path/toVM.xml	03:03
MTecknology	ChmEarl: any idea where the xml files sit?	03:05
ChmEarl	MTecknology, you only ran the VM once when you installed it? Are any still running?	03:06
MTecknology	ChmEarl: I didn't run them yet, I've always started vm's from virsh	03:06
ChmEarl	to find the xml files, do #updatedb.. then locate <vmname>	03:07
MTecknology	hrm.. there was a run.sh file made that has exec kvm -m 768 -smp 2 -drive file=tmpOoaNco.qcow2 "$@"	03:07
MTecknology	there's no xml found when I do that	03:08
ChmEarl	maybe a log file?	03:09
MTecknology	I used --dest /virt/images/repono	03:09
MTecknology	there I have run.sh and tmpxYbvEy.qcow2	03:09
MTecknology	I'll try running the run.sh and see if I can find the cml	03:10
ChmEarl	k, then start then VM via the script - while its running get the virsh shell and do #dumpxml <vmname>	03:10
MTecknology	domain not found	03:11
MTecknology	ChmEarl: since I didn't do anything useful yet; would it be out of the question to delete the vm's; recreate them; but now with libvirt installed?	03:12
ChmEarl	that is OK, but don't the scripts enter a vmname now in virsh list?	03:13
ChmEarl	once the vm is running?	03:13
MTecknology	nope	03:14
ChmEarl	ok, something is broken	03:14
MTecknology	Does this look ok for creating a vm? vmbuilder kvm ubuntu --dest /virt/images/incipio --mem 768 --cpus 2 --swapsize 512 --domain incipio --ip dhcp --bridge br0	03:15
ChmEarl	never used that builder.	03:15
MTecknology	it looks like ubuntu-vm-builder is being deprecated	03:15
MTecknology	the man page says to use that instead	03:16
ChmEarl	I made a VM directly by qemu-kvm comdline	03:16
MTecknology	oh	03:16
MTecknology	I'll see what happens when I make this - maybe I'll have to jsut do it that way too	03:17
ChmEarl	there are 4 or more ways to make a VM for kvm	03:18
ChmEarl	once you have a cmdline you can convert it to domxml used by Libvirt and import/define it	03:18
MTecknology	ya.. I could do it with virt-install too, but I liked ubuntu-vm-builder; but that's going away so I figured now's the time to learn what's replacing it :P	03:19
crazygir	I'm guessing qmail should install just fine on a default ubuntu 9.10 server?	03:19
ChmEarl	virsh domxml-from-native xxyy	03:20
crazygir	I'm getting an: qmail: Depends: ucspi-tcp but it is not installable	03:20
MTecknology	I didn't think qmail was available in ubuntu repos	03:21
nightyyy	hi guys... i installed recently the ubuntu server with cloud	03:21
MTecknology	ChmEarl: hurray, they're still not being found	03:22
nightyyy	it is normal have the system just running without any instance running in eucalyptus	03:22
nightyyy	with more than the 50% of ram used?	03:22
=== dendro-afk is now known as dendrobates
nightyyy	and when i use "top" to see who is sharing that ram, there's no process with huge use	03:22
MTecknology	ChmEarl: hrm... maybe it's because I specified kvm as the hypervisor instead of qemu..	03:23
MTecknology	nope..	03:24
MTecknology	VMBuilder.exception.VMBuilderUserError: No such hypervisor. Available hypervisors: vmserver esxi xen kvm vbox vmw6	03:24
nightyyy	anyone with experience with cloud ?	03:25
MTecknology	--libvirt= - THERE	03:25
ChmEarl	MTecknology, you have a hook into libvirt? that should do it	03:27
MTecknology	ChmEarl: I guess I didn't read the man page close enough	03:29
ChmEarl	MTecknology, keep your VM's simple until you see the scheme of things... puppy linux (liveOS) is a good one	03:31
MTecknology	ChmEarl: hurray - virsh -c qemu:///system list --all \| but it's named ubuntu :S - i guess back to man	03:34
ChmEarl	MTecknology, export the domxml while its running	03:35
lukehasnoname	so I came up with an idea	03:52
MTecknology	ChmEarl: fyi - this was REALLY nice to find - vmbuilder kvm ubuntu --help	03:52
MTecknology	ChmEarl: thanks for the help :)	03:53
MTecknology	lukehasnoname: I did too, and I'm rolling it out right now	03:53
lukehasnoname	and I don't know if it's been thought of before.. so I'll throw it out there and see if it's been 'invented' already	03:53
lukehasnoname	MTecknology, feel free to chare	03:53
MTecknology	lukehasnoname: get a decent desktop system for all of my dev systems and isntead of gentoo use the system for work instead of constantly building the system - put ubuntu vm's on and don't break things	03:54
uvirtbot	New bug: #556176 in openldap (main) "slapd homedir (and some enhancements...)" [Undecided,New] https://launchpad.net/bugs/556176	03:56
MTecknology	what's your idea?	03:56
lukehasnoname	There are many well known, standard configuration files on a server. dhcpd, named, db.*, upstart confs, etc. Each one of these tend to have their own syntax check mechanism of sorts, even if it is when you start the service... so there should be a standard header syntax (or filename convention) that allows vi(m) to know what file you're editing, and check syntax on the fly. Kinda like what visudo does, but instead of be	03:57
lukehasnoname	ing its own program, it would be a plugin system for vi, like a profile.	03:57
lukehasnoname	This may already exist, but if it doesn't, it's pure genius. I spent hours in the past two days tracking down DNS/DHCP issues that ended up being simple config file errors. Should have been the first place I checked, but having a parser in vi would be awesome.	03:58
MTecknology	you can do that	03:58
MTecknology	check out gentoo, they do it a lot - ubuntu does it but to the extent they do it	03:59
crazygir	am I crazy, or has ubuntu really customized the postfix install?	04:01
crazygir	I'm trying to follow information from several different guides and it is proving difficult	04:01
MTecknology	it's not really a header thing when it comes to vim but I think vim just applies specific syntax hilighting to specific files - adding a header to the files would be a bad idea - especially when it comes to other editors	04:02
ScottK	crazygir: It's not radically different.	04:02
crazygir	I'm also not understanding what's up with master.cf, nor why main.cf is missing from /etc/postfix	04:02
crazygir	amd I missing something?	04:02
ScottK	It should be there.	04:02
crazygir	*am I	04:02
crazygir	hrm	04:02
MTecknology	crazygir: crazy likely comes into play as well - I know it does for me	04:02
ScottK	crazygir: sudo dpkg-reconfigure postfix is a good start.	04:02
lukehasnoname	herp-aderp: I knew vim had syntax highlighting... hm. Do you know where the info or syntax profiles are stored?	04:03
MTecknology	lukehasnoname: no, but you could ask in #vim - they're pretty helpful	04:03
lukehasnoname	MTecknology, nvmd	04:03
crazygir	w00t! thanks ScottK !!	04:04
lukehasnoname	I occasionally ask questions before I look for the answers myself... man vim	04:04
ScottK	crazygir: https://help.ubuntu.com/9.10/serverguide/C/postfix.html is a maintained set of documentation on postfix setup that's specific to Ubuntu.	04:04
MTecknology	lukehasnoname: sometimes it's just too easy to ask hundreds of people a question at once instead ot trying to learn it yourself by looking ;)	04:05
ScottK	(assuming you're on 9.10, use the version for your release)	04:05
MTecknology	ScottK: what's your opinion of setting up productions systems with 10.04 at this point?	04:05
ScottK	Depends on what you mean by production.	04:05
ScottK	I have a 'test server' that runs all the time, but I'm the only user.	04:06
ScottK	I'll upgrade that soon.	04:06
MTecknology	development server that shouldn't go down	04:06
ScottK	If by production you mean "I have customers who rely on my service", then I wouldn't.	04:06
ScottK	crazygir: The biggest configuration customization for Postfix in Debian/Ubuntu is that it's chrooted by default.	04:08
ScottK	Our docs cover this, but most tutorials you find on the web don't, so it is better to stick with Ubuntu specific docs.	04:08
crazygir	I was just banging my head regarding the missing files and needing to run dpkg-reconfigure	04:08
MTecknology	ScottK: does a chroot help security much?	04:08
crazygir	MTecknology: why not?	04:09
crazygir	depends on how complex maintenance is though	04:09
crazygir	when officially supported like this, it is usually pretty straightforward	04:09
ScottK	MTecknology: It's not a subsitute for apparmor or selinux, but it does help.	04:09
ScottK	The trickiest part is getting services into the chroot and I think we have those bugs all licked.	04:09
ScottK	Also, unlike rpm based systems additional run time capabilities that most people won't need are split into separate binaries (like postfix-mysql) so you don't need more installed/running than you actually need.	04:11
crazygir	what is the difference between mydestinations and virtual domains?	04:14
MTecknology	I hate it when ssh keys don't magically work perfect	04:22
crazygir	hah	04:23
crazygir	always some lining up to do	04:23
MTecknology	crazygir: I installed a new server; mkdir .ssh; vim .ssh/authorized_keys2; (put in contents of .pub); chmod 750 .ssh; chmod 644 .ssh/*; exit; ssh 192.168.1.111	04:25
MTecknology	crazygir: should work perfect just like magic, right?	04:25
MTecknology	I also jsut tried with ssh-copy-id	04:31
MTecknology	it will copy the key - but still no ssh login....	04:31
MTecknology	oh... problem with ecryptfs	04:34
MTecknology	ScottK: how do I stop using ecryptfs for a home directory?	04:35
crazygir	I do it differently, so I can't comment	04:35
crazygir	check your system's manpages for ssh too, not sure about the auth_keys2	04:36
crazygir	also.. use -vvv for debugging	04:36
MTecknology	definteily an issue with ecryptfs	04:38
MTecknology	i give - time to reinstall the server and do so without ecryptfs	04:41
MTecknology	I don't think it's meant for servers anymore	04:41
crazygir	do I need to specify configuration options such as: virtual_mailbox_base, if all I'm doing is then forwarding the emails to another domain?	04:44
MTecknology	virt-viewer is connected to the vnc server but all I get is a blinking cursor.. GAH!	04:52
MTecknology	closer anyway - sleep time	04:54
fintn	anyone knows why sound only works for root after installing alsa on lucid?	05:48
fintn	(I'm using an onboard Intel HDA card)	05:48
=== swift__ is now known as swift
twb	I don't suppose anybody still cares, but Hardy's m-a borks, at least on netfilter-extensions-source, because of an implicit dependency on dpatch.	08:15
twb	http://paste.ubuntu.com/409897/	08:21
cloakable	twb: Probably not. That version isn't supported anymore, iirc.	08:25
twb	April 2008 plus five years makes it supported until April 2013.	08:26
ttx	twb: we do care and yes it's still supported.	08:26
twb	(Except for all the packages in LTS that aren't considered "server" packages, sigh.)	08:26
ttx	what's m-a ?	08:26
twb	ttx: module-assistant.	08:26
twb	ttx: the thing before DKMS	08:26
ttx	ack	08:26
ttx	twb: how is the error in your log related to dpatch ?	08:28
twb	ttx: that was a different error :-)	08:30
ttx	ah :)	08:31
uvirtbot	New bug: #556285 in samba (main) "cannot change password of AD user when using pam_winbind" [Undecided,New] https://launchpad.net/bugs/556285	09:11
_ruben	anyone have any clue as to what could the cause of messages like this: sudo: pam_unix(sudo:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=root	09:13
cloakable	failed sudo commands	09:14
_ruben	but it doesnt mention which user supposedly caused it	09:14
cloakable	have a root through your logfiles :)	09:15
cloakable	auth.log, I think	09:16
cloakable	Hmmm	09:16
cloakable	_ruben: It seems the user trying to sudo is root	09:17
_ruben	why would root fail to sudo as root?	09:18
cloakable	i've not the foggiest.	09:18
_ruben	and i'd expect logname=root in that case	09:19
_ruben	hrm .. the very first entry does show logname=root and its on a tty, now i know who to ask/slap	09:20
uvirtbot	New bug: #556312 in libvirt (main) "libvirt packages should not Recommend hypervisor packages" [Undecided,New] https://launchpad.net/bugs/556312	10:11
uvirtbot	New bug: #556315 in libvirt (main) "problem with operations on qemu/kvm guest" [Undecided,New] https://launchpad.net/bugs/556315	10:16
uvirtbot	New bug: #556332 in bind9 (main) "leftover /etc/init.d/bind9.dpkg-dist on 9.10 -> 10.04" [Undecided,New] https://launchpad.net/bugs/556332	10:46
uvirtbot	New bug: #556342 in samba (main) "winbind pam profile doesn't get installed or removed when package is installed/removed" [Medium,In progress] https://launchpad.net/bugs/556342	10:56
uvirtbot	New bug: #556343 in bind9 (main) "upgrade error on 8.04 -> 10.04 " [High,New] https://launchpad.net/bugs/556343	10:56
=== swift_ is now known as swift
incorrect	newbie question, how on earth do you get into the grub menu now, it goes past so fast and there is no hit esc to get the menu	12:00
jasonmchristos	try searching on how to edit grub config to add a 30 second pause	12:03
incorrect	its a bit late for that,	12:04
jasonmchristos	how so	12:04
jasonmchristos	i think the file wouls be in /boot	12:04
incorrect	i goofed my bonding and well, the system is grindly slow has it times out trying to get the DNS entry for ldap servers	12:05
incorrect	oh thank god i set a root password	12:05
jasonmchristos	why are you so thankeful about that	12:06
incorrect	because i can get into the system	12:06
jasonmchristos	whats the diffrence	12:06
jasonmchristos	u cant get into the system with other usernames?	12:06
incorrect	set up ldap auth, break the network config	12:07
incorrect	then try logging in using a local user	12:07
=== swift__ is now known as swift
=== dendrobates is now known as dendro-afk
zul	ttx: ping i backported mod-reqtimeout for lucid, its suppose to help against slowloris, do I need a FFE for it?	12:54
ttx	zul: is is a new source package ?	12:54
zul	ttx: nope its a patch	12:54
twb	slowloris as in Solaris?	12:55
zul	twb: no slowloris as in apache dos hack	12:55
twb	Oh.	12:55
ttx	zul: does it add new config directives ?	12:55
jasonmchristos	i got all these rootkits i dont think im ever going to use beta software again	12:55
zul	ttx: yeah i backported it from 2.2.16 and enabled it	12:56
ttx	is it disabled by default ?	12:56
jasonmchristos	im considering going back too ubuntu 8.0.4	12:56
zul	nope enabled by default	12:56
twb	I don't run fancy-pants httpds, because dynamic content is new-fangled rubbish :-)	12:56
ttx	zul: definitely FFe-worthy, I wonder if it should not be disblaed by default to ease the acceptation of it	12:56
henkjan	incorrect: hold shift while booting to enter the grub2 menu	12:56
zul	ttx: ack	12:57
ttx	zul: having someone from security comment on its desirability would definitely help	12:57
twb	jasonmchristos: if you're really concerned about security, you might want to look at OpenBSD.	12:57
zul	ttx: sure	12:57
mdeslaur	jasonmchristos: rootkits? what rootkits?	12:58
jasonmchristos	thats what they said about linux when i was on microsoft then another room told me solaris is unhackable	12:58
jasonmchristos	rootkits are basically backdoors	12:58
* ttx chuckles		12:58
jasonmchristos	back orafices	12:58
twb	I think mdeslaur's point is that you don't get a rootkit unless you're already compromised some other way.	12:59
ttx	jasonmchristos: we know what rootkits are. What rootkits doid you get "running beta software" ?	12:59
mdeslaur	jasonmchristos: I know what a rootkit is. Please tell me what rootkit you have.	12:59
jasonmchristos	one scanner says SUCKIT the othr says Zxibit	12:59
twb	jasonmchristos: see also #ubuntu-hardened	13:00
jasonmchristos	thanks	13:00
jasonmchristos	this was on the lucid beta	13:00
jasonmchristos	im still going to scan my server	13:00
mdeslaur	jasonmchristos: those are probably false alerts in the scanning software you used. Could you tell me which scanners you used so I can fix the false alerts?	13:00
jasonmchristos	rkhunter and chkrootkit	13:01
jasonmchristos	by default lucid had some open port	13:01
jasonmchristos	i guess thats where the rootkit got in	13:01
\sh	jasonmchristos, lucid beta has no rootkits by default...if you have at least one, you got it before...or the scanner is wrong	13:01
jasonmchristos	in the 6xxxx range	13:01
twb	jasonmchristos: what open port?	13:01
mdeslaur	jasonmchristos: did you use the rkhunter and chkrootkit packages, or did you download them?	13:02
jasonmchristos	packages	13:02
jasonmchristos	from repo	13:02
jasonmchristos	well as soon as i installed lucid it had a listening port	13:03
jasonmchristos	i installed it on a blank drive	13:03
twb	jasonmchristos: did you install using the server install CD?	13:03
jasonmchristos	i dont mean to bother you guys but im actually talking about a dsktop my server is karmic going to scan and make sre it didnt creap its way over there	13:04
twb	jasonmchristos: that's an important datum you should've mentioned up-front.	13:04
\sh	jasonmchristos, when you tell us something about a rootkit, an open port, and "it got through this open port" we are very interested...because this would be a serious security issue...which needs to be addressed...	13:04
twb	jasonmchristos: did nmap or netstat/ss report what process was listening on that port?	13:04
jasonmchristos	i know but i figured server is the same except with the desktop package installedd	13:05
jasonmchristos	thats what i did not know how to check	13:05
jasonmchristos	i also have a packet sniffer installed on wlan0	13:05
twb	jasonmchristos: is the port open right now?	13:07
jasonmchristos	let me try an check	13:07
jasonmchristos	why u want to login?	13:07
jasonmchristos	lol	13:07
* \sh just remembered the story "The Boy Who Cried Wolf"		13:07
twb	jasonmchristos: no, so that we can (dis)prove your assertions	13:08
jasonmchristos	no im serious im not cring wolf	13:08
jasonmchristos	what u think rkhunter and chkrootkit r lying?	13:08
mdeslaur	jasonmchristos: rkhunter detecting Xzibit is a false alert, I can reproduce it and will fix it	13:09
twb	jasonmchristos: I think it's likely you're analysis is faulty.	13:09
\sh	jasonmchristos, yes...	13:09
jasonmchristos	dont matter im going to do a fresh install karmic never produced these	13:09
jasonmchristos	someone go ahead and rn backtrack at my ip	13:09
twb	jasonmchristos: we can't fix an issue if we can't reproduce it.	13:10
mdeslaur	jasonmchristos: do as you wish	13:10
jasonmchristos	well what do you want me to do	13:10
jasonmchristos	u want my rkhunter and chkrootkit logs?	13:10
mdeslaur	jasonmchristos: I just told you rkhunter is broken, it's detecting a rootkit in lucid for everyone. I'll get it fixed.	13:10
twb	jasonmchristos: what I want you to do is answer my questions.	13:11
jasonmchristos	im looking at my netstat and there are so many ports open now i cant remember which was open after a fresh install	13:11
jasonmchristos	trying to answer you	13:11
jasonmchristos	what about the packet sniffer on wla0?	13:12
twb	jasonmchristos: what about it?	13:12
jasonmchristos	that also a flse alarm?	13:12
twb	!smart questions	13:12
twb	Stupid bot	13:12
jasonmchristos	go go gadget bot	13:13
jasonmchristos	lol	13:13
Pici	!gq	13:13
ubottu	Are you sure your question allows us to help you? Please read http://www.sabi.co.uk/Notes/linuxHelpAsk.html to understand how to ask a 'better' question.	13:13
mdeslaur	jasonmchristos: please post your rkhunter and chkrootkit logs	13:13
mdeslaur	jasonmchristos: or, alternatively, you can send them to security@ubuntu.com and I'll look at them	13:13
jasonmchristos	ok hold on just for you guys ill let u tinker for a bit but after this if you can help explain or direct me too a tut on how to inject the crypto disk key for my home directory to a fresh install those were my plans	13:14
twb	jasonmchristos: while you're at it, the output of "sudo ss -nap"	13:14
jasonmchristos	ok im on it	13:15
jasonmchristos	where is the chkrootkit logs?	13:17
jasonmchristos	i already attached the rkhunter	13:17
jasonmchristos	ill just run it again and cut n paste	13:17
ttx	smoser, hggdh; ping me when around	13:18
jasonmchristos	funn all of this sudden it isnt detecting the SuckIT rootkit	13:19
twb	jasonmchristos: btw, you might want to filter 8080 on the internet side unless you actually want people banging against it.	13:20
jasonmchristos	it poen?	13:20
jasonmchristos	open?	13:20
twb	jasonmchristos: it's open at the TCP level, meaning that squid has to 401 instead of ICMP rejecting it cheaply in the kernel.	13:21
twb	Normally I'd tell internal services to only bind to internal interfaces, but I don't know offhand how to tell squid that.	13:21
twb	(That and a default-deny netfilter.)	13:22
jasonmchristos	twb: thats my remote manegment on my router	13:23
jasonmchristos	i figured thats better to leave open than an SSH port	13:23
jasonmchristos	but then i can always use 8080 to open my ssh port when i need it	13:23
jasonmchristos	whatever port that was it was upnp capable but its not up anymore because i dont see any upnp ports open but right after a fresh install it was in the 6xxxx range	13:25
jasonmchristos	suckit must have self destructed but rkhunter still detects zxibit	13:25
jasonmchristos	have the email ready	13:25
twb	Isn't upnp one of those gaping-hole "features"/	13:25
jasonmchristos	lol	13:26
jasonmchristos	i think im going to disable it	13:26
mdeslaur	jasonmchristos: rkhunter is broken	13:26
twb	http://en.wikipedia.org/wiki/Upnp#Lack_of_Default_Authentication	13:26
jasonmchristos	ok who wants this email with all the outputs	13:26
twb	!pastebin	13:26
ubottu	For posting multi-line texts into the channel, please use http://paste.ubuntu.com \| To post !screenshots use http://tinyurl.com/imagebin \| !pastebinit to paste directly from command line \| Make sure you give us the URL for your paste - see also the channel topic.	13:27
jasonmchristos	its had to get voip like ekiga to work without upnp because it uses rando mports	13:27
twb	My job is to make the network safe, not useful	13:28
jasonmchristos	http://paste.ubuntu.com/410006/	13:30
jasonmchristos	lol good point twb	13:30
jasonmchristos	do you work for ubuntu or another company?	13:30
RoyK	ubuntu isn't a company :)	13:31
RoyK	canonical is, though	13:31
\sh	twb, this would make a nice quote ;) "twbs job is to make the network safe, not useful" ;)	13:31
twb	I work for cybersource.com.au	13:31
twb	FSVO work = drink their coffee and use their link.	13:32
twb	jasonmchristos: the only thing listening on a high port there is skype, which is not part of Ubuntu.	13:32
jasonmchristos	yeah it sems to have dissapeard	13:33
twb	jasonmchristos: well, get back to us when you can reproduce the issue	13:33
jasonmchristos	the xzibit thing is there	13:33
twb	We've already covered that	13:34
jasonmchristos	if u think its a false alarm u want to fix	13:34
jasonmchristos	thought u guys ant to fix it	13:34
mdeslaur	jasonmchristos: I've opened bug 556455 for the false alarm, and I'll fix it today	13:34
uvirtbot	Launchpad bug 556455 in rkhunter "rkhunter incorrectly detects Xzibit Rootkit in Lucid" [Undecided,New] https://launchpad.net/bugs/556455	13:34
twb	jasonmchristos: bugs that can't be reproduced can't be isolated, and thus can't be fixed.	13:34
psyferre	hey folks, can anyone help with a permissions issue please? I've need to give a group rw access to a mounted network share. I've tried everything that seems relevant on https://help.ubuntu.com/community/MountWindowsSharesPermanently, but can only manage to write with the root user. The other user in the group cannot write.	13:35
twb	psyferre: is the network share CIFS, NFSv3, NFSv4, or something else?	13:36
jasonmchristos	looks like samba	13:36
psyferre	twb: I tried cifs and smbfs	13:36
twb	Sorry, I didn't read	13:36
psyferre	The machine on the other end is a netapp storevault	13:36
twb	psyferre: smbfs is obsolete; you should only need to try cifs.	13:36
jasonmchristos	yeah but i think you need to edit the fstab	13:38
psyferre	twb: okay, thanks. My current fstab has: //nas01/shares/ /network/nas01/shares cifs rw,_netdev,username=DOMAIN/user,password=password,dir_mode=775,gid=1001 0 0... does that seem right?	13:38
twb	-ogid is how I'd do it with NTFS; and that wiki article seems to indicate the process is the same for CIFS.	13:38
twb	psyferre: do you really have a user on the NAS called "DOMAIN\user"?	13:39
psyferre	twb, well, no... I edited out the real domain and user name for security purposes	13:39
twb	If I can do something useful by knowing your domain and username, you have BIG problems.	13:39
psyferre	twb: heh, true enough. :) I'd prefer to be on the safe side though :)	13:40
twb	Does "getent group 1001" return the correct group?	13:40
psyferre	yes	13:40
jasonmchristos	i think you need to add the ,user optiojn	13:40
twb	Is it a primary or secondary group?	13:40
psyferre	secondary	13:41
twb	Has the test user logged out and back in since you added them to that secondary group?	13:41
psyferre	jasonmchristos: just tried adding ,user and there's no change	13:41
jasonmchristos	psyferre: i wrote a howto for nfs http://blog.jasonmchristos.info/search?q=nfs but i had to make it readable by something other than root so try this	13:42
jasonmchristos	just change it to cifs or whatever	13:42
psyferre	twb: hmm... i've been logged in as root and then used su to switch to my other user	13:42
twb	psyferre: do you have the other user's password? If so, best to test by switching to a getty and doing a full login.	13:42
twb	psyferre: otherwise, at least try with "su - fred" instead of "su fred"	13:42
MTecknology	Is indentation important in /etc/network/interfaces ?	13:43
jasonmchristos	whatever i did in the howto made my nfs mountable bu users without sudo	13:43
twb	MTecknology: no.	13:43
psyferre	thanks, jasonmchristos, I'll check that out	13:43
MTecknology	twb: thanks- I musta screwed up somewhere else - I hate not being able to fix my own server because I screwed up :(	13:44
twb	MTecknology: pastebin it	13:44
psyferre	twb: hmm... thanks. I didn't know there was a difference between the two	13:44
psyferre	twb: i just opened a new putty session and logged in with the second user directly, same deal	13:44
twb	psyferre: did the mount operation give an error?	13:44
psyferre	twb: no	13:44
twb	psyferre: does dmesg contain anything suspicious?	13:44
MTecknology	twb: to the best of my memory - I can't touch the system until somebody fixes it for me - http://dpaste.com/179992/	13:45
twb	And to confirm: root can still read and write files in the share?	13:45
jasonmchristos	psyferre: after adding the user u have to reboot i think	13:46
jasonmchristos	because the fstab needs to be reloaded	13:46
zul	mdeslaur: hey would you have some time to review a apache backport patch for me later today?	13:46
psyferre	twb: Nothing seems suspicious in dmesg, root can still read and write	13:47
psyferre	jasonmchristos: mount -a doesn't do that?	13:47
twb	psyferre: pastebin the output of "ls -la" on the mountpoint.	13:47
mdeslaur	zul: sure	13:47
zul	mdeslaur: nifty thanks	13:47
psyferre	twb: http://pastebin.com/wwgQbDhJ	13:48
jasonmchristos	psyferre: i think you just need to add the use option to fstab and reboot so it reloads fstab	13:50
twb	That's the mountpoint's parent	13:50
jasonmchristos	*user	13:50
twb	but tom:root looks pretty suspicious.	13:50
twb	I'd expect it to be tom:my_cifs_group or whatever	13:50
jasonmchristos	then users other than root will be able to mount the share	13:50
psyferre	twb: yeah, i agree.	13:50
twb	psyferre: did you unmount and re-mount after editing fstab?	13:51
psyferre	jasonmchristos: unfortunately, a reboot isn't a good option at the moment... one of these machines is a production database	13:51
twb	mount -a won't notice changes to mount options in fstab	13:51
psyferre	twb: AH. That's it then.	13:51
jasonmchristos	ok well i think fstab just hasnt reloaded with the , user option	13:51
* psyferre puts his head in his hands and cries softly		13:51
smoser	ttx, here	13:52
jasonmchristos	i dont know exactly how to reload fstab without a reboot	13:52
cloakable	jasonmchristos: edit it, then remount the drive	13:52
bogeyd6	twb, mount -a is made to re-read fstab	13:52
cloakable	Ah	13:52
bogeyd6	twb, mount -a causes all file systems mentioned in fstab (of the proper type and/or having or not having the proper options) to be mounted as indicated, except for those whose line contains the noauto keyword	13:53
psyferre	twb: one moment, gotta remember how to unmount.....	13:53
psyferre	bogeyd6: so unmounting is not necessary in this case?	13:53
bogeyd6	umount	13:53
psyferre	that's what I thought... just umount and then the share name?	13:54
bogeyd6	i came in halfway	13:54
bogeyd6	ill let the other finish	13:54
twb	bogeyd6: erm, even if they're ALREADY mounted? You're suggesting mount -a will result in a mount -oremount on my root filesystem?	13:54
ttx	smoser: looking at http://iso.qa.ubuntu.com/qatracker/test/3880, we only have the "instance run" test. I asked hggdh to add a cloud-config test, ISTR you have something for that... is there a testcase written somewhere in the testcases wiki ?	13:55
mdeslaur	jasonmchristos: I've just uploaded a fixed rkhunter to the archive that doesn't falsely detect the rootkit anymore	13:55
mdeslaur	jasonmchristos: in a couple of hours it should be available	13:55
jasonmchristos	cool, mdeslaur how were you sure that it was false?	13:56
ttx	smoser: could you sync with hggdh so that a test covering that is available for cloud images in general (UEC+EC2) ?	13:56
bogeyd6	twb, im saying if you edit fstab and then mount -a it will mount the filesystem with the new options	13:56
twb	psyferre: is it working now?	13:56
jasonmchristos	mdeslaur: will this update be available to replaice the main rkhunter package?	13:56
ttx	smoser: Also there isn't any EC2 candidate right now, so I can't see if the "single instance" test was removed (we should have "multiple instances" and "cloud-config")	13:57
mdeslaur	jasonmchristos: because I looked at the check it was performing, and it wasn't right for lucid	13:57
mdeslaur	jasonmchristos: yes, it will replace the one that is there	13:57
twb	bogeyd6: you're wrong, at least on Sid.	13:57
jasonmchristos	do i get karma points for this ?	13:57
smoser	ttx, http://bazaar.launchpad.net/%7Esmoser/%2Bjunk/ec2-test/files/head%3A/user-data/ is what i have for cloud config. I put together 3 different cloud config files that excercise a fair amount of the function. (ud-* there)	13:57
smoser	ttx, well, lets make an ec2 candidate then	13:58
twb	jasonmchristos: you get a warm fuzzy feeling of having saved some other schmuck from shaving the same yak	13:58
jasonmchristos	lol	13:58
psyferre	twb, bogeyd6: I get unmount error 16 = Device or resource busy when trying to umount... do i need to stop cifs or something?	13:58
smoser	i'll start writing a test case for the user data	13:58
twb	psyferre: ask lsof what is using that filesystem	13:59
twb	psyferre: if you're an incurable cd-er, it's probably your shell	13:59
twb	There's mount -f and mount -l, but those are plan B.	13:59
smoser	ttx, should i just edit http://testcases.qa.ubuntu.com/System/EC2CloudImages ?	13:59
ttx	smoser: sounds good	14:00
psyferre	twb: root@prometheus02:/# lsof /network/nas01/shares lsof: WARNING: can't stat() cifs file system /network/nas01/shares Output information may be incomplete.	14:00
twb	psyferre: ugh	14:00
ttx	if there is some duplication of info between the EC2 and the UEC tests, maybe play some include game to avoid copying	14:00
ttx	SmokeyD: ^	14:01
ttx	smoser: ^	14:01
ttx	arh :)	14:01
twb	psyferre: if this host isn't important, just bounce it. It's not worth isolating.	14:01
psyferre	twb: What do you mean by incurable cd-er?	14:01
jasonmchristos	im going to start banging a hammer on my kitchen cabinets	14:01
twb	As in, you cd into whatever dir you're going to use instead of using your shell's tab completion	14:01
ttx	smoser: also on this page the "multiple instance" and "single instance" tests should be collapsed into a single test with clear instructions on what should be tested.	14:02
psyferre	twb: hmm... i use tab completion anytime I know exactly where I'm headed. So, cd-ing through a directory tree is not just inefficient but somehow generates open handles?	14:04
psyferre	twb: i was able to reboot this host and now my secondary user doesn't have read OR write permission	14:08
MTecknology	twb: did you see anything wrong with that pastebin?	14:10
twb	MTecknology: didn't look	14:14
twb	MTecknology: I assume you create the bridge elsewhere?	14:14
smoser	ttx, so you're wanting one page that lists tests of UEC images, and one that lists test of EC2 images ?	14:15
twb	MTecknology: how does it know whether eth0's gateway or br0's gateway should be the default?	14:15
twb	psyferre: what does ls -la say about the mountpoint?	14:16
ttx	smoser: not really. If some tests are applicable to both, then one is sufficient	14:16
ttx	smoser: if only part of the test applied, then include could help	14:16
ivoks	hi	14:16
ivoks	oh, ttx	14:16
ivoks	mail	14:16
ivoks	reply	14:17
uvirtbot	New bug: #556487 in libvirt (main) "virConnectOpen chooses qemu:///session before qemu:///system" [Undecided,New] https://launchpad.net/bugs/556487	14:17
smoser	ttx, yeah. so, for ec2, most of the test running is automated.	14:17
ivoks	now	14:17
ivoks	:)	14:17
smoser	i'm not sure if that works or not for euca	14:17
MTecknology	twb: bridge_ports eth0	14:17
psyferre	twb: http://pastebin.com/4yxs7uPT	14:17
MTecknology	twb: I just noticed that I should have iface eth0 inet dhcp -> iface eth0 inet manual	14:17
ttx	smoser: I'll fire up an UEC install now for the current ISo testing, so if you have anything I should play with, let me know	14:18
zul	mdeslaur: when you get a chance http://people.canonical.com/~chucks/apache2-mod-reqtimeout.debdiff	14:18
ttx	ivoks: and you're sure now ?	14:21
ivoks	ttx: yes :)	14:21
ttx	heh	14:21
mdeslaur	zul: wow! you backported half the new version? :)	14:22
ivoks	!!!!	14:22
ivoks	cluster stack has been accepted in debian	14:22
ivoks	now we can just sync.	14:22
zul	mdeslaur: heh....crap...	14:22
mdeslaur	zul: url in 206-fix-potential-memory-leaks.dpatch doesn't work	14:22
abssorb	Hi, looking for suggestions to centralise /home. Using autofs but hangs are too frequent	14:23
incorrect	whatever happened to the ubuntu directory server?	14:24
cloakable	abssorb: I use NFS for that	14:25
kklimonda\|G1	incorrect: there has been something like that?	14:26
cloakable	abssorb: export /home from the server, and import it on your clients.	14:26
abssorb	cloakable: autofs uses NFS	14:27
incorrect	kklimonda\|G1, there was	14:27
cloakable	abssorb: use nfs directly, cut out autofs	14:28
psyferre	twb: I chowned root:zrmgroup until the path to the share looked correct http://pastebin.com/AxDMSYqS	14:29
twb	psyferre: er, yeah... good luck with that.	14:29
abssorb	cloakable: Interesting. But how do two users mount their own /home/username with their own permissions?	14:29
twb	psyferre: those modes look pretty dodgy.	14:29
twb	psyferre: if you umount and mount, does it all reset back to the broken state?	14:30
psyferre	twb: I agree... looks like from the mount on everything went off. I can still only read and write as root, and secondary user can't even read	14:30
cloakable	abssorb: /home is mounted from the server, so all home directories are available, and if you keep UID/GID constant between desktop/server, the permissions will be correct too.	14:31
psyferre	twb: still can't umount... says the device is busy	14:32
cloakable	abssorb: I'm just careful about adding users, myself :)	14:32
abssorb	cloakable: Yes, add UID and GID match. In my experiments with plain NFS, the user mounting the volume sets the UID and the GID. So user-switching is compromised.	14:32
psyferre	twb: I've just have to keep rebooting.	14:33
cloakable	abssorb: if you set it in fstab, /home is mounted during bootup, and stays mounted.	14:33
cloakable	abssorb: so home directory <user> stays belonging to that user, and home directoy <user2> stays belonging to <user2>	14:34
cloakable	abssorb: it's as if the partition is local, rather than on the central server.	14:35
RoAkSoAx	ivoks, heya!!	14:35
ivoks	RoAkSoAx: hi	14:36
RoAkSoAx	ivoks, how is it going?? Where you able to review the packages I prepare?	14:36
zul	ivoks: congrats	14:36
abssorb	cloakable: Ah I see, you mean instead of mount /home, I mount /home/user1 and /home/user2. That would mean re-writing the new users creation tools on the server. OK I suppose. Before I do that, what advantage does NFS give me over Autofs, in terms of surviving hangs?	14:37
cloakable	abssorb: no, put "server:/home /home nfs auto 0 0" into your fstab. And advantages? If the server goes down, it'll hang untill the server comes back up, then it'll resume working again.	14:40
mdeslaur	zul: what about this: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/docs/manual/mod/allmodules.xml?r1=917211&r2=917210&pathrev=917211	14:41
zul	mdeslaur: it didnt apply	14:41
cloakable	abssorb: If you mount the nfs export as if it's a partition, it'll act like one. permissions and all. No user will need to mount their /home directory, because /home itself is mounted on bootup.	14:42
mdeslaur	zul: how could it not apply...	14:42
zul	mdeslaur: dunno it didnt	14:42
abssorb	cloakable: I've tried that, it only works properly for a single user per client.	14:43
cloakable	abssorb: I've never had problems with it. Are you using autofs+nfs or pure nfs?	14:44
cloakable	abssorb: because when I mount from my server, all the permissions are correct.	14:44
abssorb	Both	14:44
mdeslaur	zul: the rest looks great	14:44
abssorb	cloakable: They would be for the first user to log in.	14:45
zul	mdeslaur: nifty thanks	14:45
cloakable	drwxr-xr-x 63 cloakable cloakable 16384 2010-04-06 14:06 cloakable	14:45
cloakable	drwxr-xr-x 3 rune rune 88 2010-03-27 18:34 rune	14:45
cloakable	that's on NFS	14:45
abssorb	cloakable: OK thanks, There must be another reason why it didn;t work on our setu	14:46
cloakable	abssorb: yeah. Not sure about that.	14:46
abssorb	cloakable: Re the advantage, about recovering when a server comes back up, autofs relies on nfs to achieve this, but it's not working. Will removing the use of autofs somehow influence this? Because that would be the only reason to stop using it (it works perfectly otherwise).	14:50
RoAkSoAx	zul, may I ask what are the congrats to ivoks for? :)	14:50
zul	RoAkSoAx: get the cluster stuff in debian, congrats to you too	14:51
RoAkSoAx	zul, hehe I did little this time but thanks :)	14:51
cloakable	abssorb: I'm not sure, I don't use autofs myself, it always seemed inelegant to me :)	14:52
abssorb	cloakable: I does look inelegant :) But is actually an elegant way of solving some permission problems. I looked over my notes, when I tried last, a direct export of /home over plain NFS resulted in problems for users whose primary group was one other than the default. This gave problems with users getting ".dmrc wrong permissions" errors.	14:56
cloakable	abssorb: Aha. I generally run a standard network :)	14:57
abssorb	cloakable: You've given me lots of useful things to think about. Thanks!	14:58
RoAkSoAx	ivoks, whenever you have time please review the cluster packages at ppa:andreserl/ha, to be able to copy them to the ubuntu-ha ppa and then request the sync to get them into lucid asap. I'll be off for a while, so just let me know. Thanks :)	15:06
ivoks	RoAkSoAx: don't copy those	15:07
ivoks	RoAkSoAx: there are some changes needed	15:07
ivoks	RoAkSoAx: we'll sync from debian	15:07
ttx	zul, smoser, kirkland: I'll need each of you to cover part of the ISO tests, mathiaz won't have much time for it this time around. Expect a new server beta2 candidate in the next hours	15:08
smoser	ttx, should we call the ec2 images candidates ?	15:08
smoser	or do we need to respin?	15:08
ttx	I'd wait for the Server ISo respin, to be sure to catch the latest boot process	15:09
zul	ttx: sure no problem	15:09
hggdh	ttx: I am here, you pinged me?	15:10
ttx	hggdh: yes about the ISo testcases	15:11
ttx	hggdh: the UEC topologies look alright	15:11
uvirtbot	New bug: #556528 in euca2ools (main) "euca2ools config file overrides environment" [Undecided,New] https://launchpad.net/bugs/556528	15:11
ttx	hggdh: please sync with smoser about the cloud images testcases	15:11
hggdh	ttx: will do	15:12
ttx	hggdh: we need "multiple instance run" and "user-data test" for EC2 cloud images, and "instance run" and "user-data test" for UEC images	15:12
ttx	hggdh: he is working on the contents	15:12
RoAkSoAx	ivoks, those packages are the same as the debian-ha hg repo, including latest commits for cluster-glue (your perl changes and --disable-fatal-warnings) so in essence they are the same packages	15:12
hggdh	ttx: will they be mandatory, or optional?	15:13
ttx	mandatory	15:13
hggdh	roj	15:14
ivoks	RoAkSoAx: ok then, i'll recheck	15:14
ivoks	RoAkSoAx: i've looked at those yesterday	15:14
alvin	I'm experiencing very high loads on ubuntu-server with KVM since the latest kernel update. Any pointers as to where to search for the cause? kern.log contains "task xxxx blocked for more than 120 seconds" and a trace. Virtual machines crash randomly. The trace contains stuff with 'ext4' in it.	15:15
alvin	I'm seeing this on 3 servers now, after the update.	15:15
alvin	Oh, and libvirt is frozen. I can't give any virsh commands anymore	15:16
alvin	No destroying/rebooting the crashed servers possible. I don't like restarting libvirt, and I certainly don't like restarting the servers. They are headless and I'm certain the root device will not be found anymore.	15:17
RoAkSoAx	ivoks, ok :) anyways...the only change I dont think I have in pacemaker is the commit that was done 2 hours ago, but it's easily mergeable. cluster-glue already include the changes of the commit done an hour ago. and as I said, heartbeat and cluster-agents are 7 days old in the hg repo, which are the same I already have packaged	15:19
ivoks	great	15:19
alvin	Part of the logs (scroll for stack stuff): http://paste.ubuntu.com/410068/	15:19
kirkland	ttx: sure thing, i usually do a few rounds myself	15:23
kirkland	ttx: i'll cover the UEC and raid ones	15:23
alvin	Whoah. I lost connection to the virtual host and all its guests... I did nothing. Server dead.	15:25
alvin	Bye, bye server :-( I'll have to drive there now	15:28
alvin	Meanwhile, two other servers are slowly crashing and I found the closest bug: bug 522014	15:29
uvirtbot	Launchpad bug 522014 in linux "kernel bug 2.6.31-17-server with hung_task_timeout_secs " [Undecided,New] https://launchpad.net/bugs/522014	15:29
alvin	It could also be bug 276476	15:36
uvirtbot	Launchpad bug 276476 in linux "INFO: task blocked for more than 120 seconds causes system freeze" [Medium,Fix released] https://launchpad.net/bugs/276476	15:37
zul	ill take the hardy->lucid upgrade tests	15:38
sherr	alvin: this is server 9.10 64 bit or ?	15:38
sherr	alvin: when you say lost connection to "virtual host and all its guests" - what is the host? Surely not a VM itself?	15:39
alvin	sherr: No, the hosts are Ubuntu 9.10, amd64 (all of them). The guests are ubuntu Jaunty, Karmic and Windows. With lost connection, I mean: I have no longer access to the guests (ssh, or their services) and ssh to the host.	15:40
alvin	I can no longer ping the host either	15:41
alvin	Two other hosts here show the same: if there is heavy I/O (cp a kvm image for example), the kernel logs starts to show errors, the copy goes slow (5MB/sec) and the load goes insane. After a while things calm down and the copy speeds up again.	15:42
alvin	All machines run lvm+ext4. 2 of them have mdadm raid	15:43
alvin	the other one has hardware raid, but all show these hung_task_timeout_secs errors (for kvm, kjournald, pdflush)	15:43
sherr	alvin: hmm. The log you pasted almost looks like a bad disk or cable (ATA) ... not sure.	15:44
alvin	Ah, that was before that machine went down. I checked the RAID (mdadm status). everything was perfectly ok	15:44
sherr	I have left off ext4 until "now" (well, from now), waiting for everything to get shaken out. Especially for things like KVM etc. Who knows?	15:45
alvin	And since two other machines show the same errors, we can safely assume they are related. All those machines where rebooted this weekend, so they got the latest kernel.	15:45
alvin	It has worked well for months. Karmic has proven to be unreliable to boot, but not on the ext4 part.	15:45
sherr	Well, good luck. I hope to retry KVM sometime in the future. So far, it's not worked so well for me (performance).	15:46
alvin	Now, I don't know if ext4 is the cause. Looks more like an io_scheduling problem.	15:46
alvin	Actually, I tested performance here and it was slightly better than the same machine on VMWare (only marginally)	15:46
sherr	This is the thing with Linux/Ubuntu ... always upgrade cycle and shaking out new things (new bugs)!	15:46
alvin	Well, you can't expect users to test your sofware. That's the problem.	15:48
ttx	kirkland: if you cover the UEC, please run them manually from ISO... I want us to catch any error in the messages as well (like "bad defaults proposed")	15:52
ttx	I'll try to cover them anyway, but two looks can't hurt	15:53
ttx	(just did a "topology 1" test on amd64, works like a charm, fwiw)	15:53
ivoks	has anyone tried using vmbuilder without kvm-enabled hardware?	16:02
ivoks	shouldn't that work and just use qemu?	16:02
jarray52	When trying to network boot, I get the following error message: Gave up waiting for root device. Common problems: ... This happens after the DHCP request is answered and the tftp sends the kernel image. I'm having trouble with the nfs.	16:08
jarray52	Any suggestions?	16:08
ivoks	nfs before network?	16:08
ivoks	nfs before portmap?	16:08
jarray52	ivok: no	16:08
jarray52	ivoks: I never tried using it.	16:09
ivoks	using what?	16:09
jarray52	ivoks: I never tried using nfs before this.	16:09
ivoks	eh, your first NFS experience is with root on NFS?	16:10
ivoks	try with something easier :)	16:10
ivoks	s/try/start/	16:10
jarray52	ivoks: Do you mean /etc/init.d/nfs-kernel-server start? I ran that command, and nmap <ipaddress> shows that nfs is up and running on port 2049 and rcpbind on port 111.	16:14
ivoks	and nfs-common?	16:15
jarray52	ivoks: I installed it.	16:15
ivoks	is there a guide you are following for seting up root on nfs?	16:16
ivoks	and which version of ubuntu are you using	16:16
ivoks	?	16:16
twb	jarray52: you should be asking rpcinfo before nmap	16:16
twb	ivoks: it's not really done anymore.	16:17
twb	The nearest real-world cases I can think of are LTSP5 and puppet/cfengine.	16:17
jarray52	ivoks: ubuntu 9.04 and i'm following this guide https://wiki.edubuntu.org/EasyUbuntuClustering/UbuntuKerrighedClusterGuide	16:18
ivoks	so, you appended this to the kernel:	16:20
ivoks	root=/dev/nfs nfsroot=server_ip:/path	16:20
ivoks	?	16:20
alvin	jarray52: I don't want to confuse you, but I have seen that message a lot of times on non-NFS root servers. I then just keep rebooting until the root drive is found. It's a known bug.	16:20
twb	You'd also need boot=nfs, IIRC	16:20
twb	The relevant code is in the ramdisk, which is built from /usr/share/initramfs-tools/ and /etc/initramfs-tools/	16:21
ivoks	alvin: or run mount -a ; exit	16:21
jarray52	alvin: Must have rebooted 20+ times. Also, try setting a rootdelay... saw a post about it.	16:21
ivoks	in 9.04 there is a bug where network is up after nfs services are started	16:21
alvin	ivoks is right. If you wait a bit and then run mount -a, you can resume	16:21
twb	alvin: that's not a fix, that's a workaround for not understanding your symptoms	16:21
ivoks	meaning that you can't mount NFS share	16:21
alvin	That bug is still in 9.10	16:21
ivoks	sorry, not 9.04, but 9.10	16:21
ivoks	it's only in 9.10	16:22
alvin	twb: Nobody said it's a fix, but the real bug is not located yet as far as I know	16:22
twb	You'll get the same symptoms if the root filesystem can't be mounted at all.	16:22
ivoks	alvin: it's located	16:22
ivoks	alvin: and fixed in 10.04	16:22
alvin	Those are different problems. The NFS one is mountall, the not finding a root device is unknown unless I am mistaken	16:22
twb	ivoks: that's the kind of bug that keeps me on LTS	16:22
ivoks	twb: yeah, that bug didn't exist a month before release of 9.10 :)	16:23
alvin	ivoks: but it existed before. I don't remember how long though.	16:23
alvin	karmic does feel very 'beta'	16:23
ivoks	backporting the fix from 10.04 to 9.10 requires knowledge of upstart code :D	16:24
alvin	And with the current system freezes I'm experiencing, my feeling about it doesn't get better.	16:24
ivoks	anyway, i'm sorry, but i have to leave now	16:24
twb	ivoks: doesn't it require knowledge of the upstart service language, not upstart itself?	16:24
twb	And amounting to Required-Start: $network	16:25
ivoks	twb: upstart in 9.10 didn't have some features that has in 10.04	16:25
twb	Ugh	16:25
ivoks	twb: lack of those features resulted in that bug	16:25
ivoks	that and couple of others	16:25
ivoks	most of them are fixed	16:25
twb	upstart feels like such a NIH failure	16:25
ivoks	but this one doesn't look easy without backporting huge part of upstart	16:25
ivoks	it isn't	16:26
ivoks	it's great tool	16:26
jarray52	ivoks: When you're asking about root=/dev/nfs nfsroot=server_ip:/path, do you mean in /var/lib/tftpboot/pxelinux.cfg/default?	16:26
alvin	Still, that version of upstart should have been left out in Karmic.	16:26
ivoks	but it's such a important part of the system that any small error results in big problems	16:26
twb	Especially when you compare it to the simplicity of cinit or the non-invasiveness of insserv make-style booting.	16:26
ivoks	jarray52: yes	16:27
ivoks	don't forget, upstart isn't only 'booting'	16:27
ivoks	anyway, take care... realy have to go now	16:28
twb	Meaning that it restarts services when they die (like every post-sysv init), or meaning that it puts grubby fingers into areas that it doesn't belong (like NetworkManager)?	16:28
jarray52	ivoks: Thanks for your help.	16:29
jarray52	twb and alvin: I will need to do a lot of googling to follow that conversation. Do both of you believe that my problem is due to a bug? My experience has been that Ubuntu 9.10 was very buggy. Tons of crashes and random behavior. So, I rolled back to Ubuntu 9.04. For the most part, I was happy with it.	16:32
incorrect	slapd seems very broken in 9.10	16:32
alvin	incorrect: That is because it was split up and undocumented (as far as I know. I wanted to try it, but didn't know where to start)	16:33
twb	jarray52: it wouldn't surprise me if it's a bug, but I haven't seen enough evidence to conclusively demonstrate that it's not a simple fuckup on your part	16:33
alvin	jarray52: I think it's a bug, yes. Let me see if I can point you to the right reports	16:33
incorrect	alvin, apt-get install slapd?	16:33
jarray52	twb: I would bet it's a simple fuckup on my part.	16:33
alvin	(Damn: those are on my virtual mailserver, but the karmic host crashed due to an io_scheduler bug...)	16:34
jarray52	jarray52: Given my lack of experience, that is very likely. However, I did follow the instructions in https://wiki.edubuntu.org/EasyUbuntuClustering/UbuntuKerrighedClusterGuide pretty closely.	16:35
jarray52	twm: Given my lack of experience, that is very likely. However, I did follow the instructions in https://wiki.edubuntu.org/EasyUbuntuClustering/UbuntuKerrighedClusterGuide pretty closely.	16:35
twb	Just because it's on a wiki doesn't mean it's true	16:35
alvin	here: bug 504224 for the NFS mounts, and bug 470776. Also, bug 384347	16:35
jarray52	twb: totally agreed.	16:35
twb	twm wouldn't be caught dead here.	16:35
uvirtbot	Launchpad bug 504224 in mountall "NFS mounts at boot time prevent boot or print spurious errors" [Medium,Fix released] https://launchpad.net/bugs/504224	16:35
uvirtbot	Launchpad bug 470776 in mountall "retry remote devices when parent is ready after SIGUSR1" [Medium,Fix released] https://launchpad.net/bugs/470776	16:35
uvirtbot	Launchpad bug 384347 in util-linux "_netdev not working" [Undecided,Confirmed] https://launchpad.net/bugs/384347	16:35
jarray52	twb: sorry	16:36
jarray52	twb: Given my lack of experience, that is very likely. However, I did follow the instructions in https://wiki.edubuntu.org/EasyUbuntuClustering/UbuntuKerrighedClusterGuide pretty closely.	16:36
jarray52	that's better.	16:36
alvin	It could be totally unrelated too	16:36
jarray52	better question, what trouble shooting steps can I take	16:37
jarray52	?	16:37
alvin	jarray52: I wouldn't know. If it IS a bug (or multiple ones) I'd suggest trying with an older version or another distribution as client. There are no good workarounds that you can try.	16:39
incorrect	wow slapd is more broken in karmic than i thought, i am just lucky i ported my db over from jaunty	16:41
incorrect	i wonder, is slapd broken in 10.4	16:41
zul	incorrect: please open a bug in launchpad then	16:41
incorrect	zul, i've found that there are others ranting about it on launchpad	16:43
jarray52	twb: Do you have any suggestions?	16:44
incorrect	given that lucid is released at the end of the month, i wonder if i should upgrade my firewall to it, my firewall being a toy	16:45
=== kklimonda\|G1 is now known as kklimonda
jarray52	twb: Thanks for the rpcinfo pointer. That is useful. 3 versions of nfs are up and running. However, I think my problem is different. When running ifconfig on the node, i noticed that it lost its network connection. It doesn't seem to have maintained the ipaddress given to it by the dhcp server.	16:51
alvin	incorrect: I haven't tested it yet, but it is reported that Lucid has less critical bugs than karmic, so I'll upgrade everything I can find.	16:51
incorrect	alvin, i've found a posting on how to get slapd working in karmic, but my god its painful	16:54
alvin	incorrect: I have decided to wait learning ldap until someone reports he can do it without the pain.	16:54
incorrect	alvin, kvm + jaunty	16:55
alvin	incorrect: Have you tried upgrading after that?	16:55
incorrect	alvin, i upgraded my ldap server from jaunty to karmic, i didn't notice how broken thinks were as i had done all the config work	16:55
incorrect	i just needed to do some changes and found i couldn't get phpladpadmin to work	16:56
alvin	Aha, well, I will absolutely wait	16:56
incorrect	i am tempted to upgade to lucid	16:56
alvin	I'm having enough troubles as it is booting the machines. I try not to reboot.	16:56
incorrect	well i also found a huge bug that grub won't install on a software RAID setup	16:57
incorrect	i cried	16:57
ttx	kirkland: fwiw, I rewrote the ISO tracker testcases for the UEC topologies, with help from hggdh. I didn't touch any UEC doc yet, though	16:57
kirkland	ttx: i'd like to update the UEC docs	16:57
kirkland	ttx: i was going to do that this week-ish	16:57
alvin	incorrect: On RAID0? RAID1 will work	16:57
incorrect	ok this problem was only on the alternative text based installer	16:58
incorrect	i pxe boot install my machines	16:58
kirkland	ttx: also, i'd like to get the ISO tracker and UEC help docs to be in better sync, somehow	16:58
kirkland	ttx: the duplication is painful	16:58
incorrect	pxe install them,	16:58
ttx	kirkland: I think the level of detail is different for an install doc and a testcase	16:58
ttx	kirkland: but I agree with you it can be painful	16:59
kirkland	ttx: obviously	16:59
alvin	incorrect: Oh, I didn't know that. I always use the cd. I should try pxe one day	16:59
ttx	I think most of the installer is self-explaining, the UEC doc shouldn't need to go into lots of detail, but rather expand on available topologies	17:00
incorrect	alvin, i hope lucid has the latest kvm because that now supports booting vm's via the network,	17:00
ttx	while the testcase must include a bullet-point set of steps to not deviate from	17:00
alvin	incorrect: Cool, but it will not have the latest version	17:00
incorrect	alvin, i could	17:00
incorrect	it could	17:01
incorrect	kvm do not release very often, iirc jaunty and karmic had the same version	17:01
alvin	incorrect: It will be 0.7.5	17:01
incorrect	seems to be up to date then	17:04
incorrect	qemu is at 0.12.3	17:04
incorrect	maybe i will run up a vm for lucid	17:07
CVirus	I'm using kickstart to do a hands-off intsallation on 100 machines .. How can I get rid of all the warnings the installer prompts me for ... like weak passwords and invalid nameservers and so ?	17:09
jarray52	Does anyone know how to prevent the ipaddress from resetting after a kernel is loaded?	17:10
jarray52	using network boot	17:10
incorrect	i just use static ip addresses	17:14
incorrect	jarray52, are you building servers or desktops?	17:14
alvin	incorrect, jarray52: for servers, you can also use DHCP	17:16
jarray52	incorrect: I'm just playing around. Let's say I'm trying to get a server network booted. Right now, there is no disk attached. I'm able to load the OS using DHCP.	17:16
alvin	jarray52: I have no experience with that. Are you saying it works with DHCP, but not with a static address? (Can you even set a static address in that situation?)	17:18
jarray52	alvin: I'm using a DHCP server to issue a static ip address.	17:19
jarray52	alvin: I'm able to issue the static ip address and then use tftp to boot the OS.	17:19
alvin	Well, that's still DHCP, but ok.	17:20
jarray52	Out of curiosity, is it possible to search these irc chat discussions to see if someone had a similar problem?	17:21
alvin	jarray52: There are logs, but I don't know whether you can search them. Maybe use the ubuntu-server mailinglist.	17:22
* alvin is going home. No backlog due to crashed karmic quasselcore :-(		17:23
jarray52	incorrect: By playing around, I meant trying to learn how this stuff works. I'm trying to network boot a machine.	17:25
skrite99	anyone know much about a deadlock with InnoDB ?	17:26
incorrect	jarray52, during the install the installer app configures the network, its outside of the pxe boot getting you enough OS to boot from nic bios	17:28
zul	has the iso been respun yet?	17:44
ttx	smoser: we don't have any EC2 image candidate yet ?	18:26
ttx	or you wait for the respin	18:26
smoser	i thought you suggested wait for respin	18:26
ttx	ack	18:26
ttx	there is a rumour that the latest one isn't running properly	18:27
smoser	so is archive in suitable state ?	18:27
ttx	smoser: not really, we would respin	18:27
smoser	latest one , where "one" is server ISO ?	18:27
ttx	no, the cloud images	18:27
ttx	the last daily cloud images would not run.	18:27
ttx	kirkland: could you test the current state of the lucid cloud images on uEC, to debunk that rumour ?	18:31
ttx	The iso testing is using the karmic image, as a reference standpoint, so the recent lucid images weren't tested	18:31
ttx	(at least by me)	18:32
ttx	smoser: I asked slangasek to ping you when the server ISO is respun, so that you can generate EC2 candidates from that	18:34
smoser	ttx, ok. i'll try a test of latest uec images.	18:35
smoser	note, i've tested successfully on ec2	18:35
=== dendro-afk is now known as dendrobates
henkjan	kirkland: the link to http://webapps.ubuntu.com/employment/canonical_USVD on your latest blogpost is broken	18:50
jdstrand	ttx: hey. seems the server iso is being rebuilt-- may I what prompted it?	19:01
jdstrand	s/what/ask what/	19:01
sbeattie	jdstrand: possibly bug 548954?	19:02
uvirtbot	Launchpad bug 548954 in upstart "Ubuntu servers should display information during boot by default" [High,Fix released] https://launchpad.net/bugs/548954	19:02
ttx	jdstrand: "splash" still active on server boot, + winbind PAM profile screwing up login on samba-server task	19:02
* jdstrand guesses samba for 546874 and 556342		19:03
jdstrand	k, thanks	19:03
ttx	jdstrand: bug 548954 and bug 546874	19:03
uvirtbot	Launchpad bug 546874 in samba "passwd - can't login, change password (pam_winbind pam-auth-update profile)" [High,Fix released] https://launchpad.net/bugs/546874	19:03
=== dendrobates is now known as dendro-afk
=== dendro-afk is now known as dendrobates
mathiaz	kirkland: hi	19:48
mathiaz	kirkland: trying to run an instance on UEC	19:48
mathiaz	kirkland: got this error on the NC: [009416][EUCAERROR ] libvirt: internal error no supported architecture for os type 'hvm' (code=1)	19:48
brontosaurusrex	if linux boxes can't see my internal linux server, do i need to edit /etc/dhcp3/dhclient.conf to send hostname or something else (windows boxes on the network have no problem seeing the box)	19:55
smoser	kirkland, did you report (ttx said someone did) that latest uec images aren't booting ? or was that mathiaz ?	19:56
brontosaurusrex	if linux boxes can't see my internal linux server by its internal hostname, do i need to edit /etc/dhcp3/dhclient.conf to send hostname or something else (windows boxes on the network have no problem seeing the box)	19:56
mathiaz	smoser: I haven't reported anything yet	19:56
sherr	brontosaurusrex: if they are all on the same network, they should "see" each other.	19:56
sherr	brontosaurusrex: what IP address on linux server?	19:57
sherr	brontosaurusrex: what IP address on other linux box?	19:57
MTecknology	How can I change a username? like michae -> michael	19:57
MTecknology	Is there any easy way to do it system wide?...	19:57
brontosaurusrex	192.168.1.100 is the server	19:57
brontosaurusrex	192.168.1.101 is the client for example	19:58
sherr	brontosaurusrex: and netmasks?	19:58
brontosaurusrex	inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0	19:58
sherr	You cannot ping .100 from 101?	19:59
sherr	ping 192.68.1.100	19:59
brontosaurusrex	its not really an issue, since 99,9% of users are windows, but i wonder whats up with that	19:59
brontosaurusrex	sherr: sure i can, only hostname doesnt work	19:59
sherr	Well, how was I supposed to know it was a DNS issue only?	20:00
brontosaurusrex	its accessable via ip	20:00
sherr	Put the hostnames/IP's in /etc/hosts?	20:00
brontosaurusrex	on all linux boxes?	20:00
sherr	Yes - unless you want to run DNS.	20:00
sherr	Maybe look into using dnsmasq as a DHCP server.	20:01
brontosaurusrex	how come windows boxes see the hostname?	20:01
brontosaurusrex	samba?	20:01
sherr	Are you using Samba>	20:01
sherr	?	20:01
brontosaurusrex	its installed i think	20:01
sherr	Then WINS perhaps.	20:01
sherr	WINS != DNS	20:01
sherr	Note - dnsmasq includes a DNS server that can read from DHCP leases	20:02
brontosaurusrex	i see, so i have to run dhcp client right?	20:02
sherr	The DHCP client is already used, no? This gets you an IP address.	20:02
sherr	You need "name" resolution	20:02
sherr	i.e. DNS	20:03
brontosaurusrex	right	20:03
sherr	/etc/hosts is one way	20:03
skrite99	anyone have much experience with what a deadlock is in mysql InnoDB tables?	20:03
alvin	If Windows clients can see each other by hostname and other systems can't, it's probably because they are using NETBIOS	20:03
brontosaurusrex	sherr: ok, ty	20:03
mathiaz	smoser: http://people.canonical.com/~mathiaz/console.log	20:06
mathiaz	smoser: ^^ - tried to boot a daily UEC image on EC2	20:06
smoser	you mena on uec?	20:07
mathiaz	smoser: yes UEC	20:07
mathiaz	smoser: not ec2	20:07
smoser	ok. i've booted 20100406 several times today in ec2	20:07
smoser	i think your metadata service is broken	20:08
smoser	and i've verified on my local UEC that 20100405 worked fine	20:08
`blackmk4\|imac	just wondering if there will be a proper fix for this 5 month old bug: http://ohioloco.ubuntuforums.org/showthread.php?t=1311112	20:10
`blackmk4\|imac	it pretty much breaks the ability to run a server	20:10
smoser	mathiaz, ^	20:10
sherr	`blackmk4\|imac: is there a bug number?	20:11
`blackmk4\|imac	yes	20:11
mathiaz	smoser: it's quite possible that the meta-data is not working	20:11
mathiaz	smoser: as I'm running UEC on multi-network topology	20:12
mathiaz	smoser: how can I test if the meta-data service is working correctly?	20:12
`blackmk4\|imac	https://bugs.launchpad.net/ubuntu/+source/linux/+bug/474930	20:12
uvirtbot	Launchpad bug 474930 in linux "Ubuntu 9.10 crashes when run without monitor or when monitor sleeps." [Undecided,Confirmed]	20:12
smoser	mathiaz, boot an insance, somehow get to it and then poke at the metadata service from within it :)	20:14
smoser	but its broken, thats why you're seeing those errors	20:14
sherr	`blackmk4\|imac: I wonder if Lucid works?	20:14
`blackmk4\|imac	i would imagine so	20:15
sherr	`blackmk4\|imac: I am not affected by this. But what I would imagine is that someone adds a comment to the bug and asks if anyone can confirm this happening in Lucid still. If not, then great.	20:17
`blackmk4\|imac	wait	20:17
`blackmk4\|imac	what is lucid, i thought you meant a person	20:18
`blackmk4\|imac	:v	20:18
sherr	Lucid Lynx a.k.a release 10.04 - current beta?	20:18
`blackmk4\|imac	ah, then I don't know if it works there	20:18
sherr	But if it is important, maybe someone can test?	20:19
`blackmk4\|imac	fair enough	20:19
sherr	If it affects you, why not comment on the bug and see if someone can test? or maybe someone already has?	20:19
`blackmk4\|imac	i commented in a few forum posts about it, I'll comment on the bug	20:20
sherr	That is, if no one has already. Check first :-)	20:20
alvin	Is that with a monitor hooked up AND X installed? Because I have karmic installations without monitor that run. None of them have X. (As long as you don't let them do something intensive like copying a large file)	20:22
alvin	Oh, and with Intel videocard	20:23
alvin	(Desktops with X and some Intel cards will crash after a little while anyway)	20:23
sherr	A comment on the forum says "no X required" IIRC.	20:23
sherr	alvin: although they should run even copying a large file :-/	20:24
alvin	I didn't read the whole forum of 'me too'. ;-) The bug should be enough	20:24
sherr	Yes, me too ... :-)	20:25
alvin	sherr: I had 3 servers that froze today. One went down. The one that was doing the least work. It's apparently a kernel io_scheduling issue, but it's unclear where the bug should be assigned.	20:25
alvin	I'm researching this a bit. I tried to reproduce on a non-critical system with an atom cpu, but I can't reproduce it there. But take a 2xquad core machine with 32 GB ram, and rsync a 10GB file. Bam, load goed in the air and server goes down.	20:26
alvin	INFO: task kvm:22955 blocked for more than 120 seconds. (etcetera)	20:27
sherr	alvin: what's backing the guests? LVM, file?	20:28
alvin	Production servers are experiencing problems, and test servers don't :-(	20:28
alvin	File, on LVM (ext4 formatted)	20:28
sherr	I hear you. Maybe you need test servers that match production more closely ... i,e, bigger!	20:28
alvin	I do have those tomorrow. 'll test there	20:29
alvin	In fact, I could reach them. There's nobody at work, so I can quitly copy a file now. Let's do it.	20:29
sherr	Can you arrange an ext3 test? Good data-point perhaps	20:29
alvin	Should be possible. There is space left	20:30
alvin	Only one of the bug reports I found talks about ext4: (bug 494476 and bug 276476)	20:31
uvirtbot	Launchpad bug 494476 in linux ""Smbd","kjournald2" and "rsync" blocked for more than 120 seconds while using ext4." [Medium,Triaged] https://launchpad.net/bugs/494476	20:31
uvirtbot	Launchpad bug 276476 in linux "INFO: task blocked for more than 120 seconds causes system freeze" [Medium,Fix released] https://launchpad.net/bugs/276476	20:31
sherr	Is it always rsync? Wit compression? maybe try a "cp", or no comp.	20:31
alvin	cp and scp too	20:31
alvin	and on the server that went down: totally unknown. Only the virtual machines where running and they not under any load	20:32
alvin	I logged in with ssh on the host because a guest (holding a miniscule db) crashed, saw the high load, checked some things and while later, everything was down.	20:33
sherr	bug 276476 - seems old. "task blocked" is quite generic perhaps - problem in KVM?	20:33
uvirtbot	Launchpad bug 276476 in linux "INFO: task blocked for more than 120 seconds causes system freeze" [Medium,Fix released] https://launchpad.net/bugs/276476	20:33
sherr	2008?	20:33
alvin	sherr: Not only kvm. Task blocked is also to be seen with pdflush, kjournald, and others (rsync)	20:33
alvin	fix released is only for the message or something. I see the problem only since I rebooted after installing the latest karmic kernel	20:34
sherr	Yes - I mean it's a generic error message caused by many things maybe	20:34
sherr	Painful - and trying to figure out the cause is painful. Time/effort ...	20:34
alvin	Probably, but it's the only clue I have	20:34
sherr	Try a different kernel? .33 PPA? Or roll your own from kernel.org	20:35
alvin	The most important server is under support (Canonical), but after the first answer, they're a bit slow. I'll call tomorrow, because it halted production 2 times now.	20:35
sherr	Keep us posted anyway - good luck. Be good to hear how it goes.	20:36
alvin	Of course. I'll start a test now and see how it goes	20:36
billybigrigger	does anyone here use snort?	20:46
billybigrigger	http://ubuntuforums.org/showthread.php?t=919472	20:47
billybigrigger	i'm trying to follow this security guide, but it is suggesting i compile snort from source, only because the version in the repos doesn't enable logging to a mysql db	20:48
billybigrigger	does this still hold true?	20:48
ttx	smoser: new server ISO is out, you can trigger the EC2 ones if not already done	20:48
smoser	i will trigger now.	20:49
smoser	ttx, started. i tested 20100405 on uec and it ran fine	20:49
ttx	smoser: thanks !	20:50
sherr	billybigrigger: No idea. I'd look at the available package versions, and the changelogs. See if it is still true.	20:50
sherr	http://packages.ubuntu.com	20:50
ttx	zul, kirkland: the new server ISO is available, please cover the tests you can before the end of your day.	20:50
smoser	ttx, where did you hear that it wasn't functional?	20:51
zul	ttx: my end of the day is in 9 minutes but Ill cover the tests later tonight	20:51
ttx	smoser: some internal talk on a call, probably bad rumour	20:51
ttx	zul: heh	20:51
brontosaurusrex	so its either /etc/hosts or my own dns server?	20:52
sherr	brontosaurusrex: stick a few hosts/IP's in a cuple of /etc/hosts files - prove to yourself that works :-)	20:52
brontosaurusrex	sherr: thats how i have it done now (for a while)	20:53
brontosaurusrex	and its good enough for home use	20:53
brontosaurusrex	but what to do with bigger intranets? is there a way to sniff if there are any dns servers allready running, or what is the most correct procedure, finding the admins?	20:54
sherr	brontosaurusrex: well, a sysadmin could tell you I assume. DHCP should also give out "nameservers" (go in /etc/resolv.conf)	20:56
brontosaurusrex	well this home box has some ips in there and there is no dns	20:56
sherr	brontosaurusrex: IP's in where? resolv.conf?	20:58
brontosaurusrex	yes	20:58
sherr	From your DHCP server? What IP's?	20:58
brontosaurusrex	http://b.pastebin.com/HrUWUCE5	21:01
brontosaurusrex	this are probably external dns's	21:02
sherr	brontosaurusrex: Ah, NetworkManager ...	21:02
sherr	brontosaurusrex: and Telekom Slovenije - your ISP?	21:02
sherr	brontosaurusrex: I guess that's frm your ISP/internet modem DHCP.	21:02
sherr	Options :	21:03
sherr	a) Use /etc/hosts for your local systems	21:03
sherr	b) Setup DNS locally (maybe look at dnsmasq = DHCP + DNS and simple)	21:03
=== ubott2 is now known as ubottu
brontosaurusrex	sherr: thanks for your time, i need some reading to do	21:11
brontosaurusrex	as it seems ;)	21:12
MTecknology	I tried copying /var/lib/mysql/ from one server to another because it's the only backup I have for this. I setup the permissions on the new junk, copied debain.cnf from the old system (the internel structure should be exactly the same), When I do 'start mysql' it just hangs.	21:26
MTecknology	Any ideas what I should look for to make this work?	21:26
MTecknology	the only thing I get in top is an 'sh' process that hops up top some but doesn't really look active	21:28
sherr	MTecknology: all the tables copied over?	21:31
sherr	MTecknology: Try starting the server and tail the syslog in another shell i.e.	21:31
MTecknology	sherr: yup - I just sat there beating it a few times and I think magic/pixie_dust may have taken hold :)	21:31
sherr	/etc/init.d/mysql stop && /etc/init.d/mysql start	21:32
sherr	and "tail -f /var/log/syslog" in anoither s=hell at the same time	21:32
sherr	Oh, it's working now? magic/pixie_dust?	21:32
sherr	What version pixie_dust? :-)	21:33
MTecknology	0.9	21:33
MTecknology	I hear 1.0 is supposed to work out of the box	21:33
MTecknology	sherr: I tried what you said and it all looks clean :)	21:33
sherr	No one uses a v1.0 surely?	21:34
sherr	0.9 .. no problem ... :-)	21:34
sherr	So, it is working?	21:34
MTecknology	ya	21:34
MTecknology	:)	21:34
MTecknology	now to see if the whole server is working....	21:34
sherr	OK, great.	21:34
kirkland	ttx: on it now	21:36
mathiaz	kirkland: hey!	21:41
mathiaz	kirkland: did you test eucalyptus package installations?	21:41
kirkland	mathiaz: howdy	21:41
kirkland	mathiaz: i'm burning to a usbstick now	21:42
xperia	hello to all. i have to execute this line here as root at boot	21:46
xperia	how can i do this ?	21:46
xperia	./flashpolicyd.rb --xml flashpolicy.xml --logfile flashpolicyd.log	21:46
mathiaz	cjwatson: hi	21:46
mathiaz	cjwatson: when the installer runs the package installation in-target, is the in-target debconf database (already) loaded with the debconf database from the install environement?	21:46
sherr	xperia: maybe add to /etc/rc.local (last rc script that runs each boot)	21:47
xperia	sherr: great will test that	21:47
mathiaz	cjwatson: IOW if I preseed something in the installer is that value available when the packages are installed in the chroot environement?	21:48
xperia	the question is the whole script is located in my home folder. i ask me if i should remove it to some /usr/local folder maybe	21:48
KillMeNow	xperia: couple things you can do, you can copy the script to say /var/lib/initscripts and then add it to rc.local using the entire path	21:52
KillMeNow	you could create your own folder in /var/lib/ called scripts	21:53
xperia	KillMeNow: great thanks for the very helpfull answer. i have searched for rc.local in /etc but this file dont exist in /etc it must be some other path	21:54
sherr	xperia: yes, doesn't really matter much. As long as you know where and what it is etc.	21:55
xperia	ahh okay in this case it will work as long a file called rc.local exist in /etc. great you helped me a lot !	21:56
incorrect	ok so slapd is very broken in 10.04	22:10
incorrect	is ldap not very important any more?	22:10
vmlintu	incorrect: it's definitely different from hardy	22:11
vmlintu	incorrect: what's the problem you are having?	22:11
incorrect	vmlintu, sure is, doesn't even configure a system that you can log into any more	22:11
incorrect	dpkg-reconfigure slapd used to do a lot for me	22:12
vmlintu	incorrect: yep, it used to be easier for small setups..	22:13
vmlintu	incorrect: at first I hated the new system, but it turned out to be great as my setups are so weird	22:13
vmlintu	incorrect: do you need help getting it working?	22:13
cjwatson	mathiaz: should be	22:13
cjwatson	mathiaz: provided the owner for the field in question is correct (i.e. the owning package, not d-i)	22:14
incorrect	vmlintu, sure the documentation doesn't offer much help	22:15
vmlintu	incorrect: I've written some entries in blog here: http://www.opinsys.fi/setting-up-openldap-on-ubuntu-10-04-alpha2	22:15
vmlintu	incorrect: the first part does pretty much the same as the old dpkg scripts	22:16
incorrect	i have a 6 slapd servers in a multi-master setup, but i would have thought having dpkg do some of the heavy lift would have been a good thing?	22:17
vmlintu	incorrect: the dpkg scripts didn't do much good for multi-master setups	22:18
incorrect	well it got you a fair bit of the way and you take it from there	22:18
vmlintu	incorrect: do you have the old configs in hand?	22:19
incorrect	sure i have my 8.04 setup running, i even backported 2.4.15	22:20
vmlintu	incorrect: if you do, you can convert them to cn=config backend with slaptest tool	22:20
MTecknology	How can I reinstall apache from scratch?	22:20
MTecknology	I screwed up the configs pretty bad	22:20
incorrect	i just wanted to rebuild my home setup	22:21
incorrect	just found weird bugs since i've been upgrading since jaunty	22:21
qman__	MTecknology, apt-get purge it, delete any remaining configs, then reinstall	22:21
MTecknology	qman__: that didn't work	22:21
MTecknology	aptitude purge apache2; rm -R /etc/apache2; aptitude install apache2	22:22
qman__	how didn't it work	22:22
MTecknology	qman__: /etc/apache2 still doesn't exist	22:23
mathiaz	MTecknology: try purge apache2.2-common instead of apache2	22:23
qman__	yeah, apache2 is a metapackage	22:24
qman__	that might have caused it	22:24
MTecknology	oh..	22:24
MTecknology	thanks :)	22:24
dasunsrule32	Does anyone have Vmware Server 3 beta running on their server here yet?	22:26
incorrect	vmlintu, will you be updating the ubuntu server docs?	22:27
MTecknology	dasunsrule32: I think most people in here use other tools like kvm	22:27
* MTecknology screams silently to self -why on earth do people use ruby?-		22:30
=== dendrobates is now known as dendro-afk
kirkland	mathiaz yo	22:57
=== hggdh_ is now known as hggdh
=== dendro-afk is now known as dendrobates

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!