[00:14] if I hadn't added the ssh key from my client box into authorized_keys of the server before I 'installed' an image in the UEC store, will I need to reinstall that image? [00:14] I can't ssh into a newly spawned instance, getting a permission denied (publickey) ssh error === dendro-afk is now known as dendrobates [00:29] how can I delete an image from the UEC store? [00:30] chewbranca: euca-delete-bundle --clear -b -p [00:30] chewbranca: you have to deregister it first. [00:30] euca-deregister emi-XXXXXX [00:30] yeah I deregistered it and then tried to delete the folder in eucalyptus/bukkits/ [00:31] Not good. You should never have to manually touch the folders. [00:31] yeah I figured it wasn't the best approach, just trying to delete the damn thing [00:32] chewbranca: It will remember the folder name in the DB, so it may not let you create another bundle with the same bucket name, but otherwise, UEC should still be usable. [00:33] well I'm just trying to get an ubuntu 9.10 image running, couldn't ssh in because I hadn't added my key properly before I installed the image [00:34] ok I'm sorry, I don't even know what a bucket is, would it be something like image-store-1273975937 [00:35] chewbranca: Yes [00:36] and prefix is? [00:36] if I do: sudo euca-delete-bundle -b image-store-1273975937 it says unable to get bucket ... which quite possibly is because I deleted it manually [00:40] well... trying to install a different image now because I have no clue how to delete the image now [00:49] chewbranca: I agree it is annoying to see this error, even if it has been manually deleted (against their instructions)... So the only side-effect will be (AFAIK) that you will never be able to use the same bucket name (image-store-XXXXXXXX) which shouldn't be a big problem. [00:50] cybrocop, well its a bit of a problem because that bucket was the ubuntu 9.10 image and now I can't use that [00:51] luckily 10.04 was recently added, but if it wasn't, the only way I would know to fix it is completely reinstall the entire thing === dendrobates is now known as dendro-afk === dendro-afk is now known as dendrobates [01:05] chewbranka: I think the number in the bucket-name is randomly generated. So you should be able to get a different bucket name next time. [01:05] chewbranca: i'm just going off of my memory and may be wrong about this. [01:06] I just tried to delete the 10.04 image I installed by doing the euca-delete-bundle, and it deleted, except the web interface still recognizes it as installed [01:06] despite it not showing up in euca-describe-images [01:09] I'm just trying to get the ssh keys setup, was able to start up new vms, but I can't ssh into them, the original images were created without my client public key in the /var/lib/eucalyptus/.ssh/authorized_keys [01:17] ok this is just annoying, still can't actually login to a vm, just getting ssh permission denied [01:30] Which user are you trying to log in to? I remember those "store" images had a built-in user called "ubuntu" [01:30] chewbranca: How are you launching your instance? [01:31] with hyrbid fox [01:35] chewbranca: Do you specify the key at launch time? === MenZa is now known as baconsnacks === baconsnacks is now known as lhavelund [01:43] yeah I did, I tried adding another key and using that as well, but no go [02:43] hi [02:48] morning [02:52] I'm running a server at home with some virtual machines [02:53] trying to set up a large network simulation [02:54] but I was thinking, what kind of linux administration scenarios are actually of use [03:50] cybrocop, well, I started over from the beginning and made sure to follow every direction exactly, and now it works :D [04:34] hey guys, is there a lucid PPA that offers the latest version of MySQL? === register is now known as Guest30182 [05:51] is it possible to use synaptic as a gui front end from a host with a graphic environment to an ubuntu server [05:52] panfist, you can use aptitude on the server [05:52] ok [05:52] synaptic has a feature, file > generate download scripts [05:53] is there a corresponding function in aptitude? [05:54] nope, i don't think so [05:56] panfist, if you turn on X11 forwarding when you ssh to your server, you can run 'sudo synaptic' and it'll show up on your desktop [05:56] scar, that assumes he has a desktop env installed on the server [05:56] :) [05:56] in which case he can simply vnc to it [05:57] i was wondering if it was possible to skip that part [05:57] kirkland, are you around ? [05:57] when does it make sense to do this: tar -cC /foo . | tar -vxC /newfoo [06:01] what's wrong with aptitude? [06:01] panfist: run aptitude w/o parameters and you get a pretty ui [06:02] yea, even a minesweeper ! [06:04] MTecknology, he needs the 'generate download script' functionality [06:04] oh [06:07] MTechnology: 00:53 < panfist> synaptic has a feature, file > generate download scripts [06:08] panfist: that much wasn't needed ;) [06:08] Mtecknology rather [06:08] I thought aptitude could do that too [06:08] sorry i'm slow. i'm ssh'd into this irssi session with some lag [06:08] if it can i would like to know [06:09] currently i have a couple of scripts which help me push the /var/cache/apt/archives/*.deb from one host to another and create a local repository [06:09] I guess not.. [06:09] that's the best solution i have found to solve my problem [06:10] I just ssh into each system and run a command across all of them at once [06:10] getting a synaptic front end to the staging server would be nice because then i could possibly delegate testing new packages to more people [06:11] what do you do for hosts that are not on the internet [06:11] why would you have a server not connected to your network? [06:11] a physically isolated subnet [06:11] with no internet connection [06:12] then they won't be grabbing your script anyway [06:12] ... [06:12] the generate download scripts function allows you to make selections in synaptic, and push those to a remote system with one command [06:13] actually, push those to external media, which you can bring to another host and install with one command [06:13] without that, i have to execute a few more commands. its not that big of a deal [06:15] MTecknology: my guest os is running but not accessible after host restart [06:15] unewbie: start the guest after the restart? [06:15] unewbie: did the ip change? [06:15] don't remember [06:16] looks like the host lost power this morning [06:17] unewbie: virsh start $HOST [06:17] so s/host/guest/ - w/e you named it [06:18] if i do virsh list --all, i can i it's running [06:19] i can see it's running [06:22] MTecknology: what if i did changed the ip? [06:23] unewbie: that's probably the case.. you need to figure out what the ip is [06:23] unewbie: try ifconfig [06:24] you mean, we can't change the host ip? [06:27] unewbie: no, the host should be able to indicate what ip the guest is using [06:27] unewbie: or check dmesg [06:27] unewbie: iirc - your issue was not knowing the guest ip [06:29] MTecknology: it's up now after restart. thanks [06:29] unewbie: yay [06:31] MTecknology: the guests aren't starting itself. i have to start them manually. can i start the guests as the host restart? [06:31] unewbie: you can... but don't ask me how [06:31] :D [06:31] I only start up certain machines [06:32] I could script it easily enough - but that would be hacky [06:33] for vm in $(virsh list --all | awk '{print $1}'); do virsh start $vm; done [06:33] something like that.. [06:33] but ya- don't do that - I know there's a 'correct' way to do it [07:50] Can anyone point me to any documentation around a user-mode ram disk? [07:50] I.E., I'm using an app that is making excessive use of /tmp, and it is too slow... [08:03] hi does ubuntu-server uses hwdetect coomand.. [08:03] ruben23: like lspci and lsusb ? [08:04] yes [08:04] so is that the answer you were looking for? [08:04] im just wondering how hwdetect functions.. [08:04] oh- no idea [08:05] need advice. my syslog is filling up with "snmpd[2867]: error on subcontainer 'ia_addr' insert (-1)" -errors. [08:08] <_ruben> trapmax: known bug i think === jo-erlend_ is now known as jo-erlend [08:31] I have four disks. On sda and sdb, I make the first raid partition of 300MB, set a bootable flag, add ext4 to it, and set mount point to /boot. I make a raid5 partition on all four disks of 1GB for swap, and one partition on each disk for raid5 as /. When I boot, I get dropped to a busybox. The error is that the disk with a certain UUID doesn't exist. [08:31] what am I doing wrong? [08:31] I did the exact same thing in a vm, and I get an error there as well, about a missing disk, but it boots. On the physical server, it does not. [08:46] New bug: #593552 in mysql-dfsg-5.1 (main) "mysql-server-5.1 deletes tables on start" [Undecided,New] https://launchpad.net/bugs/593552 [08:51] <_ruben> jo-erlend: never had any issues with similar setups, might be problem specific to newer versions though, havent installed any software raid servers in a while [09:04] jo-erlend: I'm still puzzled why you wouldn't have /dev/disk/by-uuid. [09:29] morning [09:30] o/ [09:30] jo-erlend: You do have mdadm in the initramfs, right? [09:33] soren, I think I've found the problem. When you delete raid devices in the installer, it's not being updated until a reboot. The first time I run the installer, I setup a raid5 because I didn't know grub2 could only boot from raid1. Later, when I run the installer again, I deleted the raid devices and setup new ones. However, the installer created partitions on a raid5 instead of new md devices. [09:34] it never occurred to me that I had to reboot after deleting the md devices in the installer. I think that's a bug. [09:37] I'll see if I can reproduce it in a vm. It may be that I did something wrong. [09:38] ok [10:10] O_o [10:31] jdstrand: When you do the libvirt merge, what version will you be doing? [11:25] soren, I configured the raids manually before I run the installer. I had no problems at all. I think that the installers partitioner is really buggy. [12:25] Hi, Any usage experiences of replicating filesystems on external hard-drives? [13:04] I'm running ubuntu server 10.04. I've installed kvm and libvirt-bin. I'm using virt-manager and I'm connecting from a remote host. On the server, I've setup br0 as a bridge with eth0. How do I make new VMs automatically use that bridge? I can't see it at all in virt-manager. [13:05] Please don't double-post. [13:06] Anyone know how to configure custom rules for apparmor? [13:15] jo-erlend: the user should be part of the libvirtd group and the guest should be run with a system-level libvirtd instance [13:15] kirkland: Are you around? [13:17] nxvl: ping [13:28] morning [13:35] Daviey: howdy! [13:35] hi guys i restricted the ssh connection to my server to 1 stupid-user without any rights. I can work now without probs on the server. But now it looks like 've got the problem that i cannot use the sftp-server anymore with my standard user? [13:36] yes [13:36] have someone of you an idea? [13:36] sftp uses ssh [13:36] jo [13:36] so you've restricted sftp to that user too [13:37] shit === dendrobates is now known as dendro-afk [13:37] is there a way to build a work around? [13:38] especially with another sftp-server like vsftpd? [13:39] or do i have there the same problem? [13:39] vsftpd isn't an sftp server [13:39] it's an ftp(s) server [13:39] okay [13:40] is there exist any standalone sftp-server? [13:40] The most secure option would be to upload your ssh key, and turn off password authentication over ssh. [13:41] Then enable ssh for everyone [13:42] the access would be restricted on the machine with the ssh key, right? [13:43] to the machine, yes [13:43] hm [13:44] It's a little more work, but once it's working, it works great :) [13:44] cloakable@transtor:~$ ssh -C root@server [13:44] Permission denied (publickey). [13:44] I can imagine :) [13:44] What happens if you don't have access to that account [13:45] If you do, passwordless access :) [13:45] what do you try to ask me? [13:45] kirkland: hey, great to see you.. Do you have a moment to have a look at this euca branch? [13:46] cloakable, i need to set up 3 machines with the key. [13:46] but wait, when i connect to the server the first time i get this key right? [13:47] STF: No, the key is stored on the machine, then exported to the server [13:47] okay [13:47] STF: Or, you can generate the key once, share between your machines, and do it that way :) [13:48] hm [13:48] STF: ssh-keygen as your local account [13:49] STF: then enable ssh login on your server, and run 'ssh-copy-id [user@]machine [13:49] The user@ is optional if you use the same username on all machines [13:49] Once that's done, you'll be able to login without a password [13:50] i using putty on two systems [13:50] Ack, putty sucks with keybased auth [13:51] you need to know that i use my server on one point as a RDP-Relay [13:51] Don't use putty to generate the keys... use ssh-keygen, and share the private key with your putty machines [13:51] okay [13:52] Daviey: sure, let's do it [13:52] let's go to work [13:53] kirkland: awesome, pushing to LP - will create a merge proposal with you assigned [13:54] Daviey: sweet; is this the merge, or what? [13:54] cloakable, should i use the passphrase? === zul_ is now known as zul [13:55] kirkland: I have two branches.. this brings maverick up to 1.6.2 final with quilt.. so a merge, and quilt [13:55] Daviey: sweet [13:55] kirkland: the other bumps to -devel [13:55] kirkland: but i would like 1.6.2 to bake for a while [13:55] kirkland: As it is.. euca doesn't work in current maverick [13:56] kirkland: my branch, or what is currently there [13:56] *both* work in Lucid :( [13:57] Daviey: interesting [13:57] STF: If you wish [13:57] Daviey: okay, great job [13:58] kirkland: That is one word for the current situation, i have some others :) [13:58] Daviey: do we have an idea of the source of the problem? upstart? kernel? [13:58] kirkland: all of the above. :/ [13:59] Hey, on Lucid, seems the motd has incorrect pointer to doc page: http://www.ubuntu.com/server/doc [13:59] kirkland: e1000 NIC doesn't work in current kernel, so that is one box out. Another seems to have SATA controller issues, so that box is out and the dell laptop.. installs, seems to work - but CLC doesn't report success and http daemon isn't responding. [13:59] rgreening: hrm, you're right [13:59] rgreening: please file a bug against basefiles, assign to me [14:00] really need help regarding NFSv4 with Kerberos...I am following https://help.ubuntu.com/community/NFSv4Howto#NFSv4%20Server%20with%20Kerberos, but i don't quite understand this step when creating the nfs/ principals: kadmin -q "addprinc -randkey nfs/nfs-client.domain" (client could be any ubuntu machines on the network)...appreciate for any help!! [14:00] kirkland: will do [14:00] kirkland: I think the old ubuntu.com used to work with that.. perhaps get the web devs to fix the redirect? [14:00] Has anyone experienced Bug 579276. I want to know if what I'm seeing now inside Eucalyptus is the same thing. [14:00] Launchpad bug 579276 in linux "Lost network in KVM VM / virtio_net page allocation failure" [Medium,Triaged] https://launchpad.net/bugs/579276 [14:00] Daviey: yeah, i think a redirect will be better [14:00] rgreening: this will probably be solved with a redirect, but file the bug anyway ;-) [14:01] kirkland: true enuf... [14:04] just updated to 10.04. now "aptitude install" gives me "dpkg: error processing logcheck (--configure): subprocess installed post-installation script returned error exit status 2" what is the correct action? [14:05] Daviey: link to the branches? [14:06] Daviey: i don't see anything [14:07] lp:~davewalker/eucalyptus/maverick_to_quilt [14:08] kirkland: hmm, yes - i should have put it under the ubuntu namespace [14:09] cloakable, which option i need to set to yes in the sshd_config to use the privatekey? Is it the 'RhostsRSAuthetication'? [14:10] kirkland: got it? [14:11] Daviey: a merge proposal? [14:11] Daviey: if so, no [14:12] kirkland: no.. best i don't do that.. as it's in the euca namespace [14:12] kirkland: lp hates me. it seems its broken atm. Will try again in a few. [14:13] kirkland: I could re-push it under ubuntu, but if you can have a look there - give comments to me here.. we'll get it uploaded and i'll remove the branch [14:20] <_chris__> heja, when im pingin some particular device it tells me 'min/avg/max/mdev' like usual, but with this device he also adds a ', pipe 2' at the end, what does that mean ? [14:24] good evening everyone! how to trace aptitude package installation -- logcheck1.3.7 configure fails with message "No such file or directory"; dpkg says error processing logcheck (--configure), subprocess post-inst script returned error exit status 2 [14:24] this is after upgrading from latest 8.04.x server lts to 10.04 server [14:25] all other packages went well === dendro-afk is now known as dendrobates [14:40] Daviey: re libvirt> 0.8.1-2 [14:45] okay this thing with private-key drives me crazy [14:46] i have create a private key on my server, transfered it to my windows client, convert it with puttygen to putty-useable file, but now i get at connection the problem: "Server refused our key" [14:46] what should i do???? [14:46] hey guys, for some reason i installed ispconfig a week ago [14:46] i changed my mind just after [14:47] but i still have problems with the cleanup [14:47] i get lots of these lines in /var/log/syslog: Jun 14 09:45:01 lserver2 CRON[13062]: (root) CMD (/usr/local/ispconfig/server/server.sh > /dev/null 2>> /var/log/ispconfig/cron.log) [14:48] i'm trying to figure out where that is called from, a grep -R in /etc does not give me anything for ispconfig [14:55] STF: you got it backwards. create a keypair on the client and transfer the public key to the server [14:55] okay [14:58] amstan: it's in /usr/local, so it looks like you manually installed this vs using something like apt. [14:58] bc: no.. it's actually a php script that installs all this [14:58] amstan: same thing :) [14:59] the uninstaller script doesn't do a good job [14:59] it forgets to delete the users, mysql db, cron jobs [14:59] and so on [15:00] amstan: configuration may be in /usr/local/etc, or /usr/local/ispconfig, but look in the directories called by /etc/crontab and /var/spool/cron/crontabs/ [15:01] bc: those should not be edited by hand [15:01] anyway.. i figured it out [15:01] did a grep in both /etc and /var [15:01] there should be no ispconfig left [15:02] did anyone else have experience with ispconfig? [15:02] hi there anyone: apt-installed vlan, modprobed 8021q, configured iface eth0.10 on /etc/network/interface buuuuut...why eth0.10 still continues beeing recognised as VLAN1 on the switch? [Ubuntu 10.04 Server over vmWare esxi4] [15:02] amstan: I didn't say anything about editing. Either way, glad you got it fixed. [15:05] hi! [15:05] can anyone verify that the partner repository for lucid x86_64 (deb http://archive.canonical.com/ubuntu lucid partner) is currently not working, please? [15:05] I always get a checksum mismatch for Packages.bz2 and Sources.bz2 === dendrobates is now known as dendro-afk [15:10] joschi: works from here [15:11] pmatulis: thanks for checking. seems I can only get corrupted files from that server [15:11] W: Failed to fetch http://archive.canonical.com/ubuntu/dists/lucid/partner/binary-amd64/Packages.bz2 Hash Sum mismatch [15:11] joschi: proxy trouble? [15:12] pmatulis: could be. I'll have to investigate that *sigh* [15:20] smoser: ping [15:20] here [15:20] smoser: can you pop back onto mumble for a minute and bring me up to speed on the 64k console bug? [15:36] New bug: #594159 in bacula (main) "Bacula failes to backup to tape: I/O error" [Undecided,New] https://launchpad.net/bugs/594159 === mathiaz_ is now known as mathiaz === dendro-afk is now known as dendrobates === dendrobates is now known as dendro-afk [16:29] jiboumans, ttx: my sound -- as usual -- still misbehaves [16:29] hggdh: it's somewhat crucial we can hear you speak [16:29] if that's a problem, we can use skype instead for example [16:29] or the confcall line [16:29] or that, but i'm not a huge fan of it's call quality either [16:30] I can try to hijack my wife's laptop on skype [16:30] hggdh: conf line it is then, faster bootstrap [16:31] will be there in a few [16:35] hello [16:35] what application video screen capture on ubuntu server [16:36] run without xwindows [16:36] New bug: #594201 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12 failed to install/upgrade: Balík je ve velmi špatném, nekonzistentním stavu - před pokusem o odstranění ho raději přeinstalujte." [Undecided,New] https://launchpad.net/bugs/594201 [16:37] what shell can i setup for a user so they can't have bash access but they can still do sftp/scp? === dendro-afk is now known as dendrobates === chriisti is now known as Chriisti === ogra__ is now known as ogra [17:41] need help figuring out why my system won't mount cd's plz. [17:43] hey guys what pkgs is repo part of ? [17:43] I installed build -essential and git butthe repo command is missiing [17:46] UnixDawg_: i don't think there's a command named repo [17:46] UnixDawg_: usually, bash will suggest packages to install that contain similar named executables, but none of them are repo === dendrobates is now known as dendro-afk [17:50] qits a command needed for git repos [17:50] grr [17:51] this is the 1 thing I hate about linux they cut everything up into finite parts [17:51] <_ruben> better than infinite parts... [17:52] I need the repo command [17:52] I cant find it [17:56] UnixDawg_: can you paste the exact error message. i can't locate the 'repo' command [17:58] in a min installing devscripts [17:58] it just sauys no command repo [17:58] the command repo is needed for setting up git repo's [17:59] and cant cut and paste from a vm into themain window [18:01] setting up a virtual system to build android-x86 [18:01] on a sun virtualbox [18:03] I cant believe they would break something this bad [18:03] my cdrom drive just never mounts properly and if I run mount /media/cdrom0 the light never comes on and after about 20 seconds I get mount: no medium found on /dev/sr0 [18:03] UnixDawg_: i've used git before, i setup multiple repos with it, never used a repo command [18:04] UnixDawg_: perhaps if you try to explain what your ultimate goal is/what guide you're using i could be of more help [18:04] diana1480: cd is scratched maybe? [18:04] amstan, tried with several cds and dvds [18:04] i need repo command to do the followin [18:05] diana1480: did this drive always do this or did it start recently? [18:05] http://www.android-x86.org/getsourcecode#TOC-Building-the-image [18:05] Greetings. [18:05] I am setting up the dev enviroment [18:05] Is anyone here running Vmware server 2 on Ubuntu Server Lucid x64 ? [18:05] and it seems the repo command that should be in git is missing [18:06] I have some issues and apparently they're fixed in lucid - but I'm worried about upgrading from 9.10 to 10.04 and breaking vmware server [18:06] amstan, just started recently. was [18:06] UnixDawg_: that is weird... try substituting "repo" with "git" [18:06] UnixDawg_: maybe you're looking for the python script called repo. i found one called 'repo.py' [18:07] there's also this: "First, follow this page to configure your build environment. Then", but the link is broken [18:07] diana1480: idk.. i would try another drive [18:08] UnixDawg_: and it's contained in the package 'python-git' [18:08] yay.. pmatulis saves the day [18:11] thanks [18:12] UnixDawg_: is it what you needed? === dendro-afk is now known as dendrobates [18:13] not repo is still not beiing found [18:13] and yes that page has gone missing [18:16] sorry this sucks . I install git on bsd and the repo command is there [18:16] btu it seems tobe missing here [18:20] http://source.android.com/source/git-repo.html [18:24] Daviey: ping? [18:24] ok found a link to get the repo [18:26] UnixDawg_: right, it's something outside of Ubuntu. so not to blame [18:30] hello guys [18:30] i cant detach a EBS volume after i rebooted the instance which the volume was attached, i cant use that volume on the instance too, i cant do anything with the volume =/ [18:30] someone can help me? === dendrobates is now known as dendro-afk [18:37] soren: was it you I was talking to at UDS about super-cheap website hosting? I need to take notes on my out-of-session discussions now. :P === NG_ is now known as ng_ [18:40] ok got it and the repo is setup [18:40] thnaks [18:44] Any ideas what's breaking this? 29% [Waiting for headers] [Connecting to security.ubuntu.com (91.189.92.167)] [Waiting for headerFATAL -> Failed to fork. [18:46] MTecknology: sudo apt-get -o Debug::Acquire::http=true update [18:46] kees, maybe me. dreamhost ? [18:47] jpds: aptitude update breaks but apt-get update seems to be fine [18:47] gimme a minute to scroll up to the top of that [18:48] MTecknology: Good. [18:48] you were going to write a filesystem or git backend on top of dreamhost files forever (https://files.dreamhost.com/) [18:49] !pastebin [18:49] For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic. [18:50] jpds: here we go - http://paste.ubuntu.com/449767/ [18:51] err... [18:51] smoser: it looks good..except for the changelog which i fixed [18:51] oh. ok. i just pushed that to the bzr too === pgraner is now known as pgraner-afk [18:52] jpds: sorry- got a mess of crap going on - http://paste.ubuntu.com/449768/ [19:09] 8.04 LTS only offers me apache 2.2.8 from the repo. Am I able to run the patch in this dir http://www.apache.org/dist/httpd/patches/apply_to_2.2.14/ to bring it up to that version? [19:09] smoser: yes! dreamhost, thanks. [19:10] Hypnoz: no [19:10] why wouldn't they just put 2.2.14 in the repo since its the newest version... [19:10] Hypnoz: but you should already have fixes for those in the version of apache that is in security updates for 8.04 [19:11] Hypnoz: because sometimes new versions bring changes that break stuff [19:11] SpamapS: how do I check and/or apply the patches from security updates? [19:11] are they auto installed when i did apt-get install apache2? [19:12] Hypnoz: check the change log [19:12] kees, so did you finish that git backend for me? [19:13] Hypnoz: should be auto-installed with an 'apt-get update && apt-get upgrade' [19:13] Hypnoz: /usr/share/doc/apache2.2-common/changelog.Debian.gz will have details on what patches have been applied [19:13] Hypnoz: (note, since its .gz, you can view i with 'zless') [19:16] nice tip I was doing gunzip [19:18] smoser: hah, no :) [19:19] SpamapS: so if i see my version as "apache2 2.2.8-1ubuntu0.14" does that mean I'm running 2.2.8 with security patches up to .14? [19:22] Hypnoz: it means you're running 2.2.8 and have several updates, possibly related to upstream fixes. see /usr/share/doc/apache2/changelog.Debian.gz for details. [19:24] Hypnoz: theres a list of actual changes applied in there. [19:29] yeah reading that file [19:29] but it doesn't seem like they applied all the patches, or they would have been able to claim a higher base version right [19:34] Hypnoz: its possible also that the vulnerability was introduced after 2.2.8 [19:36] Hypnoz: Ubuntu only applies important updates for stable releases. https://wiki.ubuntu.com/SecurityTeam/FAQ#Versions [19:36] Hypnoz: if you need 2.2.14, I'd recommend upgrading to Lucid. [19:38] kees: I don't think so. :-/ [19:38] kees: Rackspace has some pretty cheap cloud servers, though :) === ajaya_ is now known as ajaya [19:42] kees: so 8.04 LTS will stay at apache 2.2.8 and only apply security updates from then on? [19:43] kees: seems they should be able to use apache 2.2.xx [19:49] kees: or maybe 8.04.5 would be when they upgraded to a new base version of apache and started applying security patches again from there [19:51] mathiaz: ping [19:52] after installing ubuntu server the computer boots and just hangs. it wont go to the next boot device and it doesnt display anything from booting linux. it just stops. [19:53] Hypnoz: it's just not how Ubuntu does things. :) [20:02] is it safe to replicate /etc/default/ accross servers [20:03] I just love it when you buy a brand new USB disk and mount it and you get this: [20:03] The disk contains an unclean file system (0, 1). [20:03] The file system wasn't safely closed on Windows. Fixing. [20:03] webPragmatist: probably not without checking for any sort of hostname parameters [20:03] oh is hostname stored in there [20:04] webPragmatist: well I'd just look through the files and make sure they've not been customized in a way that you wouldn't want to duplicate [20:04] webPragmatist: if you are going to do mass-configuration tho, you may want to look at Puppet. [20:04] i am using csync2 [20:04] which works fine [20:06] New bug: #594290 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12.1 failed to install/upgrade: Package is in a very bad inconsistent state - you should reinstall it before attempting a removal." [Undecided,New] https://launchpad.net/bugs/594290 [20:07] looks like everything is the same except on mac address [20:07] GRUB_CMDLINE_LINUX="BOOTIF=01-00-30-48-9d-7f-92" [20:07] whatever that does? [20:07] webPragmatist: you probably don't want to sync grub between machines. ;) [20:08] webPragmatist: unless they're 100% identical hardware. [20:10] webPragmatist: on my nis server i have /etc/default/nis with NISSERVER=master. Seems you wouldn't want to sync /etc/default across every server you have for little things like that [20:11] okay i just synced the one file i was needing to [20:21] SpamapS: hi! [20:22] i have an old server running intrepid. since that is no longer supported, i'd like to upgrade to lucid. would you guys recommend a fresh install? or can i upgrade through all those releases at once? [20:22] mathiaz: so bzr build deb stuff.. I want to make sure the work flow makes sense.. [20:23] mathiaz: i've been using the grab-merge script for merges.. [20:23] SpamapS: sure - what's your workflow? [20:23] the box's only purpose is svn server, and internal trac webserver. if I do a fresh install, i need to be sure that svn can be backed up and restored successfully [20:23] mathiaz: but it seems like it will be a lot easier with bzr [20:23] SpamapS: yes [20:23] any suggestions? [20:23] SpamapS: bzr branch lp:ubuntu/couchdb maverick [20:23] SpamapS: bzr branch lp:debian/sid/couchdb/ sid [20:23] mathiaz: with bzr, I can just do bzr merge /path/to/debian/version in my ubuntu branch and it works the same as the merge o matic, right? [20:23] SpamapS: bzr branch maverick m-merge-from-debian [20:24] SpamapS: cd m-merge-from-debian [20:24] SpamapS: bzr merge ../sid [20:24] SpamapS: and you're done [20:24] yeah ok thats what I thought. :) [20:24] Occasionally tho.. [20:24] peeps[work]: As long as you upgrade -> jaunty -> karmic -> lucid, it should be fine. No reason to reinstall. [20:24] debian has incorporated a lot of stuff and it would be easier to start from the debian version and re-apply the few things I want.. [20:24] SpamapS: actually you wanna use merge-package instead of merge [20:24] SpamapS: https://wiki.ubuntu.com/DistributedDevelopment/Documentation/Merging [20:25] mathiaz: ah I hadn't gotten that far in the docs.. heh [20:25] mathiaz: anyway, so if I wanted to pull from ubuntu -> debian and then push the debian tree as the new version ... well shoot I should just read that wiki page first [20:26] SpamapS: yeah - that wiki page covers it [20:26] woh what the heck [20:26] SpamapS: you wanna start from the ubuntu branch though [20:26] SpamapS: as you're working in ubuntu [20:26] SpamapS: and you'll merge debian into the branch [20:27] why is it in VIM on my terminal the left arrow spits out like "D" and "S" [20:27] mathiaz: right, I'm thinking about the size of the merge proposal.. :) [20:27] SpamapS: that's ok [20:27] in insert mode [20:27] SpamapS: when I'll do the review I usually have the ubuntu, debian and proposal branches [20:28] SpamapS: so that I can review the diff as I want [20:28] SpamapS: I usually don't look at the diff on the LP merge proposal page as it's too big there [20:28] SpamapS: doing things like: bzr diff --old ../sid/ debian/ [20:28] SpamapS: is very simple when using local branches [20:29] this sucks [20:29] mathiaz: it's not necessary to type SpamapS b4 everything you type [20:31] mathiaz: alright, that makes sense. :) [20:31] mathiaz: I'll shortly re-submit the couchdb merge as a merge proposal w/ the changelog and control fixes you suggested. [20:31] mathiaz: are you reviewing hallyn's qemu-kvm merge? [20:31] mathiaz: or should i? [20:31] kirkland: I've looked at it [20:32] kirkland: but I'd more conformtable if you could also review it [20:32] kirkland: I've commented on some packaging bits [20:32] mathiaz: okay [20:32] kirkland: but as far as the technical content I'm less sure [20:32] kirkland: wrt to patches and so on [20:32] mathiaz: right [20:33] kirkland: so yeah - i'd like you to review it as well [20:33] SpamapS: great - thanks [20:34] mathiaz: will do [20:34] mathiaz: hallyn: where is it? [20:35] kirkland: https://code.launchpad.net/~serge-hallyn/ubuntu/maverick/qemu-kvm/update-to-12.4/+merge/27293 [20:36] kirkland: https://code.launchpad.net/~ubuntu-branches/ubuntu/maverick/qemu-kvm/maverick/+activereviews [20:36] kirkland: ^^ this is where you can see the list of merge proposal for a specific source package [20:42] what do I need to do to move https://launchpad.net/ubuntu/maverick/+queue?queue_state=0&queue_text=ebsmount to universe ? [20:44] smoser: It is in universe. [20:44] so it will build and be available ? [20:44] i dont need an archive admin action ? [20:44] smoser: Yes. [20:45] An archive admin needs to review it. [20:45] ah. ok. thats what i thought. [20:45] anyone using pacemaker / corosync…. I am having trouble figuring out what to set bindnetaddr to [20:45] http://www.openais.org/doku.php?id=faq:configure_openais [20:45] is it possible to push another upload there at this point, ScottK ? [20:45] to (per -devel conversations) disable functionality by default [20:45] smoser: It is. I can reject that one and you can reuse the version number. [20:46] whats 10.17.180.88 && 255.255.255.128 [20:46] 10.17.180.127 ?? [20:46] ScottK, sure. [20:46] please do [20:46] smoser: Done. [20:48] hrm [20:51] zul, can you re-review lp:~smoser/+junk/ebsmount.maverick.dev [20:53] hggdh, ping [21:00] smoser: pong [21:00] what do we know from eucalyptus regarding about:blank [21:00] whoops [21:00] https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/566792 [21:00] Launchpad bug 566792 in eucalyptus "metadata service returns empty data with 200 OK" [High,Confirmed] [21:00] do we know anything more ? [21:00] funny , about:blank is ~ 200 OK with empty data [21:01] only that Chris sent out that email last Friday (which we commented about). No further news [21:01] heh [21:09] can ssh listen on two ports? [21:13] LowValueTarget: two instances can (and must) listen on different ports [21:20] thanks bu [21:20] thanks guntbert === pgraner-afk is now known as pgraner [21:21] LowValueTarget: you're welcome :-) (you have to start two instances of sshd though) [21:21] actually, one SSH can run on more than one port [21:22] hggdh: comma separated 'Port' configuration option? [21:23] hggdh: really? I didn't know that -- sorry LowValueTarget for the misinfo [21:23] LowValueTarget: *that* I do not know, I just use as many Port directives as needed [21:23] guntbert: indeed === wieshka_ is now known as wieshka [21:24] hggdh: thx - its always nice to learn new things :-) [21:26] welcome [21:27] Hi All... How can I add a 2nd NIC to a KVM image and have it be on the same "physical" network as the 1st NIC, but diff subnet? [21:29] hello guys, i cant use the authentication to print in CUPS, someone can help me? [21:31] no worries guntbert [21:59] man [21:59] why are the HA guys so hard to find around :* [21:59] :( [22:02] does add-apt-repository not work in lucid server? [22:02] I want to add the ppa for a program but i can't [22:09] kirkland: are we a go for Lexington next week? [22:12] hey, is there a ssh-askpass for ubuntu server to use from the command line so i can put the passphrase in once and use my keys to connect to any server rather than passphrase on every connection, had a look in apt-get and they seem to be x11 based [22:13] Aegil: ssh-add? [22:15] doing an upgrade from intrepid to jaunty. it looks like it's stuck restarting cups. process "/usr/lib/cups/daemon/cups-driverd list 1 0 requested-attributes=all" in htop is taking 9+ minutes of CPU [22:15] does that sound normal? [22:22] Anyone know where I can find a current deb of freeipmi-bmc-watchdog? Universe has an ancient one which broken init scripts... [22:28] mathiaz: thats what I needed, couple of problems with it not detecting authentication agent, but thats exactly what i needed, thanks [22:31] should i kill this cups process? i don't think it's going anywhere. 17+ minutes CPU time now... [22:32] hggdh: yessir [22:32] kirkland: can i come? [22:33] hggdh: actually, let's make sure sylvain can do it [22:33] MTecknology: heh :-) [22:33] kirkland: :( fine.. I'll just stay here and not party with you guys [22:34] my upgrade is stuck... :-( [22:34] MTecknology: lexington is pretty boring, actually [22:35] I'm lost.. I have 7 servers. sshd_config are exactly the same, .ssh/authorized_keys are exactly the same, permissions on everything... exactly the same. I have one user account that can't log in on 2 servers, and another user that can't login on another... Permission denied (publickey,keyboard-interactive). [22:35] Any ideas what I might be missing? [22:36] kirkland: but i'd be hangin' with the cool cats - i'll feel special if you ever have a reason to invite me somewhere :P [22:37] MTecknology: i'll keep that in mind [22:37] debug3: key_read: missing whitespace [22:37] I wonder if that's the issue.. [22:38] smoser: upload done [22:40] I get this error when I try to log into one server, but not the other.. http://dpaste.com/207278/ [22:43] kirkland: I will wait until tomorrow, then [22:44] MTecknology: you *could* go, just a question of paying for your own expenses ;-) [22:45] hggdh: probably can't do that :P - if one of our clients doesn't pay us this week I'm out on the streets :P [22:45] s/:P/:(/ [22:46] MTecknology: ugh! [22:46] hggdh: yeah, let's check with spineau, thanks. [22:47] hggdh: the price of running your own business, huh? [22:48] MTecknology: been there, done that [22:52] :S .. how do you go from debug1: Offering public key: /root/.ssh/id_dsa to debug2: we did not send a packet, disable method [22:53] debug3 tells me it sent [22:53] "Yup, I sent it, here's the proof of transmission - oh wait- i lied" [22:56] i did an upgrade, and it failed to reconfigure cups during the upgrade. it just sits and uses all CPU forever every time it gets to that part, and I have to Ctrl-C it. can anyone help me? [22:57] anyone think it would matter if i disconnect the printers? [22:59] i don't know if i should just continue to the next distro upgrade and hope that fixes it, or make sure it's working first [23:00] i just upgraded from intrepid to jaunty. plan on eventually getting to lucid [23:07] reboot didn't even make these listen [23:07] I have absolutely no clue at all what's broken... [23:10] MTecknology: can you try running sshd -d -d -d -P 2222 as root, and then try to login using 'ssh -p 2222' ? [23:10] MTecknology: that will show you a lot of debug info on the sshd side [23:11] oh wait [23:11] sshd -d -d -d -p 2222 [23:12] SpamapS: sshd re-exec requires execution with an absolute path [23:12] /usr/sbin/sshd then [23:13] should see Server listening on :: port 2222. [23:13] as the last line before you connect [23:13] SpamapS: interesting.... [23:13] sshd --help gives me the same error [23:14] MTecknology: yes it will you have to explicitly say /usr/sbin/sshd [23:14] thats the sshd guys doing super magic security auditing and finding some reason that its important. ;) [23:15] :P [23:16] I suppose I'll need to disable ufw for that [23:16] MTecknology: oh just ssh from the same host for now [23:16] unless the problem isn't reproducible that way [23:16] it's not [23:16] but yeah I guess if you have draconian firewall rules you need to allow 2222 ;) [23:16] err- maybe [23:17] draconian? [23:17] Kafkaesque? ;) [23:17] http://dpaste.com/207288/ [23:17] MTecknology: very hard core. ;) [23:17] oh, I just do ufw default deny :P [23:18] anyone know of an offsite backup service that allows backing up from network attached drives? [23:18] input_userauth_request: invalid user root [23:18] MTecknology: are you trying to login directly as root? [23:18] yes, using shared keys [23:18] *evil* [23:18] PermitRootLogin without-password [23:19] :P [23:19] MTecknology: User root not allowed because account is locked [23:19] i know - but it's a dev environment that pretty much gets blown away weekly [23:20] Thats an even *bigger* reason not to allow permissive things. [23:20] it is? [23:20] Development environments should have more limitations and alarms than production. [23:20] Catch the problems *before* they go out. [23:20] staging is locked down [23:20] somebody's going to make a script that needs to login as root now ;) [23:21] dev is open, staging is locked down, production is slightly more open [23:27] SpamapS: thanks a whole spanking lot [23:29] MTecknology: did you figure it out? [23:33] SpamapS: passwd -u $USER [23:33] SpamapS: just that amazingly simple... [23:34] MTecknology: glad you could get it going. I *hate* sshd problems. ;) [23:35] SpamapS: indeed - thanks very very much - I fought that over an hour :P [23:37] MTecknology: take out your frustrations on those dead beat clients who won't pay. ;) [23:38] SpamapS: :P [23:38] sounds awesome [23:41] SpamapS: hey, if you were going to backup the most important parts of a system (so you could restore easily enough), you would want /var/ /etc/ /home/ and anything else? [23:43] MTecknology: back it all up [23:43] MTecknology: don't be stingy with backups *EVER* [23:44] SpamapS: that's a lot of data running across the wire - ~50GB which changes hourly - I'd pay out the crapper hole for that [23:51] 100%!!!