/srv/irclogs.ubuntu.com/2011/06/07/#ubuntu-server.txt

m_tadeu	hi everyone....what's the best way to guarantie that a service runs no matter what? like if it dies, something to run it again, get notification for that, etc	00:09
Ryan_Lane	I'm trying to install libactiverecord-ruby1.8 on ubuntu 10.04 server, but apt says it doesn't exist...	01:16
Ryan_Lane	it's supposed to be in the universe repo, but doesn't seem to be	01:16
genii-around	!info libactiverecord-ruby	01:16
ubottu	libactiverecord-ruby (source: rails): ORM database interface for ruby. In component universe, is optional. Version 2.3.5-1.2ubuntu1 (natty), package size 4 kB, installed size 36 kB	01:16
genii-around	Hm	01:17
Ryan_Lane	is it just missing? it definitely seems like it should be there	01:26
jeremy_c	I just upgraded my remote server that I have no console access to, i.e. ssh only. At the end of the upgrade it said "Upgrade complete but some errors occurred." This is 8.04 -> 10.04. I do not have the ability to scroll back and see the errors. What now?	02:46
twb	jeremy_c: /var/log/apt, /var/log/dpkg	02:48
twb	I don't follow the official upgrade procedure, so there may be other fancy-pants d-r-u logs that I don't know about.	02:48
jeremy_c	twb: thanks.	02:49
jeremy_c	twb: it doesn't seem to include anything about the do-release-upgrade. Last log entry is from early this morning when I did an apt-get install links	02:50
twb	jeremy_c: no dpkg/term.log ?	02:51
twb	dru may bypass apt :-/	02:51
jeremy_c	there is /var/log/dpkg.log which shows install of packages from the dru but no error information.	02:52
jeremy_c	no /var/log/dpkg dir though.	02:52
* jeremy_c is afraid to reboot :-)		02:54
ScottK	I would check /boot/grub/menu.lst and make sure it's set to boot a kernel that's installed (and for Lucid)	03:00
twb	Wait, doesn't d-r-u manually run its own screen session now?	03:01
twb	So he should be able to ^A[ to get to scrollback	03:01
ScottK	Not that I noticed.	03:01
ScottK	Certainly not in Lucid it didn't.	03:01
twb	ok	03:01
twb	I thought it did	03:01
sbeattie	twb: not in lucid, but in maverick it does.	03:02
=== med_out is now known as med
ScottK	I'd also make sure sources.list points a lucid, apt-get update and then apt-get dist-upgrade.	03:02
=== med is now known as medberry
ScottK	That'll make sure all the package upgrades are done.	03:03
ScottK	If you've got all the packages upgraded and grub is set to boot the correct kernel, odds of it coming up post-boot are reasonably good.	03:03
sparc	Is there a way to detect the architecture of DHCP clients from ISC DHCPD ?	03:10
sparc	I don't see anything in the man pages, but I figure there must be a way. I'm trying to send different 'filename' options to PXE clients, so they get the right PXELinux boot code.	03:11
jeremy_c	menu.lst shows kernel 2.6.24-26 w/date/time about the time dru was run.	03:21
jeremy_c	ScottK: in regards to Lucid, how do I tell? The titles still say "Ubuntu 8.04.4 LTS" ... I did a apt-get update && apt-get upgrade this morning in prep for this dist-upgrade tonight. The kernel versions didn't actually change from this morning.	03:22
ScottK	2.6.24 is a hardy kernel.	03:23
ScottK	Does your sources.list say lucid?	03:23
jeremy_c	sources.list show lucid	03:23
jeremy_c	all hardy references are commented out in sources.list	03:23
twb	jeremy_c: as root, run "apt-get dist-upgrade --dry-run" and pastebin the output.	03:24
twb	jeremy_c: that should tell us what (if any) outstanding upgrades exist	03:24
jeremy_c	not by me, seems that they were ones that existed and were commented out prior to upgrade, i.e. hardy partner, hardy main restricted.	03:24
jeremy_c	http://pastie.org/2030377 ... apt-get dist-upgrade --dry-run	03:26
ScottK	Do you have a kernel metapackage (e.g. linux-image, linux-image-generic, linux-generic-pae) installed?	03:26
ScottK	If the kernel metapackage got removed from some reason that would explain having the old kernel still	03:27
jeremy_c	http://pastie.org/2030381 ... dpkg -l \| grep linux	03:27
jeremy_c	http://pastie.org/2030387 ... ls /boot -l	03:29
twb	ScottK: so spamassassin is preventing him installing a newer perl (I think), but everything else is OK?	03:30
twb	as far as apt is concerned, I mean	03:31
ScottK	Wrong kernel	03:31
jeremy_c	should I do a apt-get -f install ?	03:32
twb	Dunno	03:32
ScottK	Yes.	03:32
ScottK	Best case it fixes stuff, it won't break things worse.	03:32
twb	If it was me, I would do it, but I can handle whatever it throws at me	03:33
ScottK	Read what it says it's going to do before you say yes	03:33
twb	+1	03:33
jeremy_c	seems pretty benign	03:33
ScottK	Can you pastebin it?	03:34
jeremy_c	hm, already started it.	03:34
ScottK	OK.	03:34
jeremy_c	apt-get --dry-run dist-upgrade now shows: 524 upgraded, 165 newly installed, 6 to remove and 0 not upgraded. linux-image-2.6.32-32-server being one of them.	03:39
twb	zoiks	03:39
twb	So it sounds like something perl-y broke down, and now it is fixed you can carry on	03:39
jeremy_c	so dru or apt-get dist-upgrade?	03:39
twb	Not sure	03:39
twb	I don't trust dru to do the right thing, but I get yelled at if I tell newbies that it's junk	03:40
ScottK	At this point apt-get dist-upgrade	03:40
jeremy_c	twb: :-D	03:40
jeremy_c	ScottK: OK.	03:40
ScottK	dru works fine but it's not designed to start from the middle.	03:40
jeremy_c	only has to download 1.2mb out of 622mb, so dru must have gotten most things.	03:41
ScottK	What are the 6 to remove?	03:41
jeremy_c	forget, but they were things I don't use, realized they were of no concern and just went on.	03:42
jeremy_c	I can tell you in a sec, I have it in a log, but it's unpacking/installing right now.	03:43
jeremy_c	libcupsys2 libdatrie0 libgems-ruby1.8 librpm4.4 python-psycopg texlive-base-bin	03:43
ScottK	Agreed.	03:46
ScottK	Should all be fine.	03:46
=== ujjain is now known as ujjain\|afk
JoeCoder_	I did a rm /var/log/mail.*	03:55
JoeCoder_	and now the mail logs aren't recreated whenever something happens.	03:56
JoeCoder_	I can recreate them, but user/group/permissions should they have?	03:56
JoeCoder_	even after chmod 777'ing it, nothing is written	03:59
ScottK	-rw-r----- 1 syslog adm 1456 2011-06-06 13:58 /var/log/mail.log	04:00
JoeCoder_	thanks	04:01
JoeCoder_	I had tried that once already	04:01
JoeCoder_	I'll reboot--the fixall for the novice!	04:01
JoeCoder_	and now it works, and the permissions for those files ar eset	04:01
=== medberry is now known as med_out
jeremy_c	I am down to this error installing procps: http://pastie.org/2030485	04:06
jeremy_c	ScottK: twb any ideas about http://pastie.org/2030485 ?	04:12
twb	That's weird	04:13
twb	Knee-jerk reaction is to blame LSM (e.g. apparmor)	04:13
jeremy_c	Any ideas on fixing it?	04:14
ScottK	You didn't run out of space did you?	04:15
ScottK	If not, I'd check and see if the backup symlink already exists.	04:15
jeremy_c	nope.	04:15
jeremy_c	62% use is the highest use disk mounted.	04:16
jeremy_c	I think I am done. forcing it made it pass.	04:20
jeremy_c	ScottK: twb: 2.6.32-32-server sound OK for the kernel? They are in menu.lst as Ubuntu 10.04.2 LTS	04:22
ScottK	linux \| 2.6.32.32.38 \| lucid-updates \| amd64, i386	04:23
ScottK	Yes.	04:23
Nafai	Hey ScottK, ltns!	04:24
jeremy_c	ScottK: twb: Thanks! The server reboot just fine. Now reports 10.04	04:27
ScottK	jeremy_c: Congratulations.	04:27
jeremy_c	now I guess we should continue to 11.04 :-/ I hate dist upgrades :-/	04:30
twb	Bah	04:31
twb	non-LTS can FOAD IMO	04:31
jeremy_c	FOAD?	04:32
twb	"go away"	04:32
jeremy_c	hm, 11.04 isn't LTS?	04:32
twb	It is not	04:32
jeremy_c	I guess I am a bit confused, is LTS software that is outdated but continuting to be supported?	04:33
qman__	LTS releases are supported longer than normal ones	04:34
qman__	normal releases are on a 6 month cycle, which is too fast for most production environments	04:34
qman__	LTS releases are on a two year cycle	04:34
twb	Canonical nominally provides support to its customers for releases. Certain packages in LTS releases get substantially longer support than they otherwise would.	04:35
twb	Even if you aren't paying for Canonical support, some of that benefit rubs off because they issue e.g. security updates to everyone	04:35
twb	So in short: yes, except instead of "outdated" we say "stable"	04:36
jeremy_c	so, in a production env I should stick w/10.04 then is what you are saying?	04:40
rewt	it's up to 10.04.2	04:44
twb	Yes	04:56
=== cypha`` is now known as cypha
=== RefaelAlats is now known as FernandoTertius
=== FernandoTertius is now known as FernandoTertiary
=== RefaelAlats is now known as FernandoTertius
=== FernandoTertius is now known as FernandoTertiary
=== cerber0s is now known as cerberos
=== smb` is now known as smb
=== fenris is now known as Guest8457
Daviey	lynxman, Hah! I had no idea you had created a meta data service for orchestra. Nice one :)	09:46
lynxman	Daviey: yeah it's just a very limited easy one	09:46
Daviey	well yeah, but it's something :)	09:46
lynxman	Daviey: definitely =)	09:47
amitk	newbie ec2 question: How does one make the instance of ubuntu ec2 images persistent? i.e. If I install some apps, then terminate my instance I want to be able to restart the instance and find the apps installed.	09:58
lynxman	amitk: you have a couple of ways for that, you can use EBS as your root fs (there's AMIs that implement that) or you can just make an AMI once you're happy with how the server looks and be able to spawn new instances	09:59
lynxman	amitk: both have different usage scenarios so make sure the one you choose fits what you need	09:59
amitk	lynxman: I've already downloaded the ubuntu 10.04 EBS image to use with the free AWS offer. Can I customize that and make it peristent?	10:04
lynxman	amitk: that is already persistent, if you terminate the instance your disk remains as an EBS volume, you just need to start a new instance pointing at that ebs vol	10:05
amitk	lynxman: hmm, how do I point to the ebs volume?	10:05
lynxman	amitk: a quick Google showed up this http://serverfault.com/questions/234061/re-gaining-root-access-to-an-ec2-ebs-boot-image	10:07
amitk	lynxman: aah thanks. I've been googling for an hour with no result. I was missing the right language (keywords) to google.	10:08
lynxman	amitk: no worries =)	10:09
amitk	and how does 'snapshots' figure into this? I thought I had to snapshot the instance to be able to persist	10:11
lynxman	amitk: a snapshot is your base image for the AMI	10:11
lynxman	amitk: so an AMI will always use a snapshot to spawn an EBS volume to boot from	10:12
laen	When i initiate an apt-get upgrade, and it upgrades apache, it _changes_ the permissions on the already available /var/www folder. It shouldn't, and it's a bad practice of doing so. Even though Ubuntu developers apparently can't be trusted with creating proper packages, what other ways are there to prevent permission changes on folder /var/www?	10:15
lynxman	laen: as far as I know it's bad practice to change the permissions of a directory created by a package :)	10:17
laen	I'm looking for a generic solution, not a per-server btw.	10:17
laen	Cause apt-get is always right, right?	10:17
laen	I didn't make up the permissions, we're talking about a professional environment i have to suppoirt, and didn't create.	10:18
soren	laen: What exactly changed?	10:18
soren	(Although I do wonder why you're asking advice from people you don't trust)	10:19
laen	Ow apparently, i head now, it was the permissions on /var/log/httpd	10:19
laen	Cause i have to support Ubuntu, even though i don't want to.	10:19
soren	/var/log/httpd ?	10:19
soren	We don't use /var/log/httpd	10:19
lynxman	soren: I think he means /var/log/apache2	10:19
soren	Then he should say that instead.	10:19
soren	laen: Which is it? httpd or apache2?	10:20
laen	Right, something like that. It was indeed log files beeing stored in /var/log/apache2 by the customer.. (and that is bad practice as well, i know, not my idea, and don't agree).. once the permissions change the customer apache instance can't store apache2 log files anymore.	10:20
soren	Well, the generic, not per-server solution is to fix the problem, not the symptoms.	10:21
soren	Hence, I'd like to know exactly what changed so that I can try to work out why it happened.	10:22
soren	Looking at apache's postinst, it should only be setting ownership on initial installs, never on upgrades.	10:23
soren	Or not.	10:26
soren	shrug	10:26
TheAshMan	I recently changed the IP of one of my servers and whenever I log in it displays two versions of the "welcome" screen. The second version has the old IP on it. How do I remove it?	10:30
TheAshMan	the second one also says "System information as of Fri May 13 15:32:01 BST 2011"	10:30
xampart	TheAshMan: possibly /etc/motd.tail	10:31
TheAshMan	do I just empty the file?	10:32
TheAshMan	apparently so	10:33
TheAshMan	Thanks :)	10:33
=== jibel_ is now known as jibel
amitk	is this the right way to mount an EBS volume as the root device? ec2-run-instances ami-2ec83147 --instance-type t1.micro --region us-east-1 --key amit -b '/dev/sda=snap-foobar'	11:32
amitk	it mounts /dev/sda and creates another /dev/sda1 EBS for me	11:33
amitk	I'm trying to figure out the simplest way to have my Ubuntu 10.04 64-bit instance kept up to date (persistent)	11:34
amitk	lynxman: ^	11:35
TeTeT	amitk: I believe you need to use a special EBS root AMI that you can stop rather than terminate if not needed	11:35
TeTeT	amitk: the EBS space will cost some money, but the instance can be stopped and started at will	11:36
lynxman	amitk: TeTeT is right, you need to start the instance from an EBS AMI, then stop, detach the created image and attach yours, I know its not the most elegant but... that's the only way I know	11:36
amitk	TeTeT: aah, so I shouldn't be terminating. Only starting and stopping?	11:37
TeTeT	amitk: try this one, not sure if it's lucid, but should be ebs backed: ami-9d4ba5f4	11:37
TeTeT	amitk: yes, regular instances can only be started and terminated and rebooted, ebs root instances can also be stopped	11:37
amitk	EBS space is free (10Gb) with the AWS free tier	11:38
TeTeT	didn't know that	11:38
amitk	all documentation points to terminate	11:39
amitk	TeTeT: I believe that ami-2ec83147 is an official Ubuntu 10.04 64-bit EBS-backed AMI	11:39
iam3fun	hello	11:40
iam3fun	;]]]	11:40
amitk	so I'm only trying to get my changes to be persistent	11:41
laen	soren: sorry was in a meeting, but i'll find a solution, thanks though	12:07
sveinse	I have added "manual" to a service in /etc/init, but after this, upstart wont recognize the service at all. Does anyone have any examples of how to use a manual service?	12:52
sommer	morning all	13:14
=== ujjain\|afk is now known as ujjain
zul	lynxman: this one? mcollective-server-provisioner	14:05
lynxman	zul: yessir	14:07
zul	lynxman: ok first it should be in a bzr branch again	14:12
lynxman	zul: there's one :)	14:12
zul	lynxman: can you use quilt for the patch	14:12
lynxman	zul: hm?	14:13
zul	lynxman: you modified the source can we have a clean source and then you apply the patch again	14:13
lynxman	zul: that'll be fairly difficult :/	14:13
lynxman	zul: the changes are enormous	14:13
zul	lynxman: why?	14:13
lynxman	zul: and they'll be merged upstream next week	14:13
zul	lynxman: k	14:14
lynxman	zul: would it be possible to get this one rolling and then I'll generate a new version as soon as the changes are in?	14:14
zul	lynxman: yeah	14:14
lynxman	zul: thanks ^^	14:14
zul	lynxman: also the plugins dont work with out the mcollectiver-server-provisioner do they?	14:14
lynxman	zul: they do, there's a plugin for the provisioner in the package	14:15
lynxman	zul: but all the rest are operationally independent	14:15
zul	lynxman: ok just making sure	14:15
lynxman	zul: each agent should be able to stand on its own, and each have its own Requires	14:16
zul	lynxman: for the postinst you probably want service mcollective restart \|\| true	14:16
zul	lynxman: get rid of the watch file	14:16
lynxman	zul: cool, same as always :) doing those changes nao	14:17
zul	lynxman: in the upstart put the start on, stop on repsawn before the pre-start block	14:17
kickar	hey guys can someone assist me to convert mysql from latin1 to utf8?	14:21
kickar	and very wierd one of my ubuntu servers is actually reading the database good	14:21
kickar	the other one is messed up	14:21
kickar	anyone can help me?	14:21
Pici	kickar: #mysql might be a better place to ask if you anre't getting help here. also, try to be patient, you just ask your question.	14:22
kickar	it is weird	14:23
kickar	maybe it is a apache setting?	14:23
kickar	cause my one machine is OK, but theother one not	14:23
lynxman	zul: changes in repo, new package building	14:40
zul	k	14:41
teaforthecat	hello I am trying to create a raid1 from a single disk. after $ sfdisk -d /dev/sda \| sfdisk /dev/sdb /dev/sdb2 has only one block so I can't format it. thanks.	14:57
teaforthecat	am I doing the right thing to create a raid1?	14:58
pmatulis	teaforthecat: raid1 on one disk is questionable	15:00
pmatulis	teaforthecat: hm, ok, you mean 2-disk array based on a single non-raided disk	15:00
teaforthecat	yes	15:00
teaforthecat	I understand I create a degraded array first, copy the data over, then add the original disk to the array	15:01
Ddorda	where phpmyadmin keep its logs?	15:02
teaforthecat	Ddorda: Open /etc/php.ini file and find error_log	15:04
teaforthecat	I created a gist that shows the confounding error at the bottom: https://gist.github.com/1012330	15:14
uvirtbot	New bug: #792713 in samba (main) "package winbind 2:3.5.8~dfsg-1ubuntu2.1 failed to install/upgrade: subprocess dpkg-deb --fsys-tarfile returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/792713	15:16
=== cerber0s is now known as cerberos
m_tadeu	I need something to start services if they go down, and get notification when that happens....what do you guys suggest?	16:18
koolhead11	m_tadeu, check monit	16:20
axisys	what updates the following files ?	16:32
axisys	/var/lib/apt/update_success /var/lib/apt/periodic/update-stamp /var/lib/apt/lists/lock	16:32
axisys	and I have this script http://pastebin.com/q81uZk7X that alerts if they are newer than 7 days.. trying to find out what is the significance of that	16:33
axisys	s/that alerts if they are newer than 7 days/that alerts if they are older than 7 days/	16:33
=== koolhead11 is now known as koolhead11\|afk
RoAkSoAx	zul: ping?	16:52
zul	RoAkSoAx: whats up?	16:52
RoAkSoAx	zul: so wanted to discuss some cobbler stuff with you, free?	16:52
zul	RoAkSoAx: sure	16:53
RoAkSoAx	zul: 1st: When we import the mini.iso it will create a Repo for main/universe, and another one for security	16:53
zul	RoAkSoAx: okies	16:54
RoAkSoAx	zul: the repos by default are disabled so if we run cobbler reposyng it will not sync the archives	16:54
RoAkSoAx	zul: so anyways, I'm guessing that the behaviour is desired, correct?	16:54
zul	i believe so	16:54
RoAkSoAx	zul: ok, so now, the thing is how can I automatically determine the country and stuff to set the repo	16:55
RoAkSoAx	zul: if we are in the us, use us.archive if we are in Italy, us it.archive	16:55
RoAkSoAx	etc etc	16:55
RoAkSoAx	any ideas?	16:55
zul	RoAkSoAx: iirc there is a way to determine which mirror you can use with apt, check with mvo	16:56
RoAkSoAx	zul: cool	16:56
RoAkSoAx	zul: 2nd: TYo be able to use the repo and stuff, we need to tweak the preseed... should we just document that or should we make that happen automatically?	16:57
zul	document it for now	16:57
RoAkSoAx	zul: ok thanks ;)	16:57
RoAkSoAx	zul: ahh I think we cannot use apt to determine which archive repo to use in case we submit it upstream, otherwise it wouldn't work on non-debian machines	16:58
zul	RoAkSoAx: assuming that they have /etc/apt/sources.list setup properly on the cobbler server why not gleeem it from there	16:59
tdelam	hi guys, is jaunty 9.04 no longer supported? my apt-get update gives me all 404's	16:59
zul	tdelam: its not	16:59
tdelam	zul: Hm, what could the reason for those 404's be?	16:59
adam_g	/win/j #ubuntu-meeting	17:00
zul	tdelam: its not supported	17:00
tdelam	oh	17:00
tdelam	how can I upgrade now that apt is dead?	17:00
RoAkSoAx	zul: ok	17:00
jdstrand	tdelam: http://old-releases.ubuntu.com/releases/	17:01
tdelam	ah :/	17:02
jdstrand	tdelam: I would recommend using: 'sudo do-release-upgrade' and upgrade to 9.10. then do it again to get to 10.04. both 9.04 and 9.10 are not supported (but 10.04 is because it is an LTS)	17:03
tdelam	no easy way to do this I guess. Server is 4000 miles from me serving about 200 web sites.	17:03
tdelam	oh	17:03
jdstrand	tdelam: 9.10 hasn't been moved to old-releases yet. you should be able to upgrade in the manner I described	17:03
tdelam	An upgrade from 'jaunty' to 'lucid' is not supported with this tool.	17:04
jdstrand	tdelam: no. LTS to LTS is supported or release to the next release. jaunty wa not LTS, so you must go through 9.10 (karmic)	17:04
tdelam	jdstrand: Oh I see, can I specify that with this command?	17:05
jdstrand	tdelam: it can detect it. 'sudo do-release-upgrade' is all you need to do. you'll do that (it is cli) and it will upgrade, then reboot. then you'll do it again	17:06
jdstrand	tdelam: it should be stated that doing this has an element of risk	17:06
tdelam	jdstrand: Yea, that's what i did and got back that error message.	17:07
jdstrand	tdelam: with you being 4000 miles away, if something goes wrong or the system is unbootable, then you are in trouble	17:07
jdstrand	tdelam: you got the 404 message?	17:07
tdelam	jdstrand: http://pastie.org/2033024	17:07
jdstrand	hmm	17:08
jdstrand	it didn't like that karmic is eol too	17:08
jdstrand	tdelam: you have to do jaunty -> karmic the hard way	17:08
tdelam	jdstrand: can you direct me to how to it the hard way without apt?	17:09
jdstrand	tdelam: update /etc/apt/sources.list to substitute all occurences of 'jaunty' with 'karmic'. then do 'sudo apt-get update && sudo apt-get dist-upgrade'	17:09
tdelam	oh	17:09
tdelam	thats not so hard :)	17:09
jdstrand	tdelam: please note, this method of upgrading is not at all as well tested and that 'do-release-upgrade' has special logic to make sure that things go smoothely	17:10
tdelam	ok	17:10
jdstrand	tdelam: there is more risk with this method. you may want to start sshd manually to listen on a different port, then login via that port and do 'sudo -i' before the upgrade so you have a root prompt	17:11
jdstrand	tdelam: in case anything goes wrong	17:11
jdstrand	tdelam: once you upgrade to karmic, reboot, then you can use do-release-upgrade	17:11
tdelam	ok	17:11
jdstrand	tdelam: good luck (and make backups if possible)	17:11
tdelam	Di have automated ones, for years now	17:12
tdelam	in /mnt/disk2 :)	17:12
jdstrand	tdelam: you know	17:13
jdstrand	tdelam: you should probably do the 'sudo apt-get update && sudo apt-get dist-upgrade	17:13
jdstrand	' in the speciall sshd	17:13
tdelam	alright	17:13
tdelam	i am getting that going now	17:13
jdstrand	in cause the one that is upgraded goes down	17:13
jdstrand	s/cause/case/	17:14
jdstrand	tdelam: good luck :)	17:14
tdelam	thanks :D	17:14
tdelam	note to self -- stay on top of upgrades	17:14
=== Corey__ is now known as Corey
tdelam	jdstrand: on karmic now do-release-upgrade started.	17:38
jdstrand	\o/	17:38
tdelam	so far so good. I don't want to jinx myself though	17:38
tdelam	all webservices are running smoothly too.	17:38
tdelam	minus the mini downtime for rebooting :)	17:38
tdelam	had to be done though	17:39
m_tadeu	koolhead11\|afk: thanx a lot	17:39
j1mc	sommer: i should have a test build of the server docs in that new layout available within the next few days.	17:50
sommer	j1mc: sweet that'd be awesome	17:51
=== NG_ is now known as ng_
j1mc	i'll let you know when it's ready. :)	17:51
sommer	j1mc: sounds good, thanks for your help!	17:51
j1mc	you are very welcome! : )	17:52
j1mc	sommer: we have a docs team meeting set for this sunday at 20:00 UTC. just an FYI in case it is convenient for you.	17:52
j1mc	it's 3:00pm central time	17:52
sommer	j1mc: ya, I'll try to be there, but I'm not sure what I have going this weekend.	17:53
j1mc	no worries	17:53
j1mc	:)	17:53
maccam94	i'm trying to enable TLS secured replication in openldap, following the ubuntu 10.04 server guide. when i try to modify the ldap config to add the certificates on the slave, i get the following error: ldap_modify: Inappropriate matching (18) additional info: modify/add: olcTLSCACertificateFile: no equality matching rule	18:20
maccam94	i'm getting the error on step 6 here: https://help.ubuntu.com/10.04/serverguide/C/openldap-server.html#openldap-tls-replication	18:20
sommer	maccam94: what command are you entering?	18:23
maccam94	it's on step 6 in the section of the page i linked, it's a slapd command followed by adding stuff to the tree	18:25
maccam94	sommer: i can paste what i'm running to pastebin, but it looks almost exactly the same as what's on page	18:25
maccam94	i just changed the hostname for the keys	18:25
sommer	maccam94: so you have the olcTLSCACertificateFile setup?	18:25
maccam94	i have the files in /etc/ssl/certs and /etc/ssl/private, yes	18:26
maccam94	it doesn't look like it's even trying to load them though	18:26
sommer	maybe try adding the CA entry by itself, then try adding the entries for the server's cert and key	18:26
=== JGJones is now known as Nintendo
maccam94	i had a problem with permissions on the master initially, where slapd wouldn't start because it didn't have permissions to read them, but this error occurs right when i commit the change, it won't accept it	18:27
maccam94	sommer: and it fails when i enter just that first section	18:27
sommer	maccam94: strange, I've never seen that particular error... on sec	18:27
maccam94	i feel like i must be missing something in my tree	18:28
=== Nintendo is now known as JGjones
=== JGjones is now known as JGJones
sommer	maccam94: can you do replication without TLS?	18:29
maccam94	sommer: yes, it is currently replicating	18:29
sommer	maccam94: that's good :-)	18:29
maccam94	though i'm not sure it was configured following the same methods as in the server guide	18:29
sommer	are you using natty or maverick?	18:30
maccam94	lucid	18:30
sommer	should work for both... oh one sec	18:30
maccam94	the guide page is for lucid as well	18:30
sommer	right, should work for lucid too, heh	18:31
sommer	maccam94: maybe try adding "TLS_REQCERT allow" to your /etc/ldap/ldap.conf file (no quotes)	18:32
sommer	then do the modify command	18:32
maccam94	sommer: i did it and restarted slapd and now it works	18:34
maccam94	thanks!	18:34
sommer	no prob... it's an issue with self-signed certs I guess	18:34
maccam94	ah	18:35
sommer	might need to make a note of that in the docs :-)	18:35
maccam94	:-)	18:40
SpamapS	smoser: re bug #765843 .. you said you pulled it into your upstream branch.. are you planning to upload that to oneiric soon?	18:53
uvirtbot	Launchpad bug 765843 in cloud-initramfs-tools "Intermittent mount failure after growroot" [Undecided,Confirmed] https://launchpad.net/bugs/765843	18:53
maccam94	how can i confirm that my two ldap servers are indeed communicating via TLS/SSL?	18:54
sommer	maccam94: I use wireshark to snoop ldap traffic then do a change on the master	18:54
maccam94	:-( that's not really feasible for me...	18:56
maccam94	sommer: should they be communicating on port 636?	18:57
sommer	maccam94: nope 636 is for SSL, using TLS uses 389... at least that's my understanding	18:57
maccam94	ok	18:58
sommer	maccam94: you could also use tcpdump to capture traffic	18:58
maccam94	actually i guess i don't need promiscuous mode for that...	18:59
maccam94	(it's a vm)	18:59
jcastro	SpamapS: a bunch of server related videos are just now hitting the youtube channel if you wanna tweet some of that action	19:02
hggdh	smoser: hardy current amd64 ran fine	19:04
hggdh	smoser: I think we are good to go	19:05
maccam94	now that i have starttls enabled, will my ldap servers allow non-TLS/SSL connections?	19:21
sommer	maccam94: yeppers, you can connect both ways	19:22
maccam94	hm, i probably want to restrict it to SSL/TLS only. will all of the clients need keys/certs to be able to connect securely?	19:23
sommer	I think you can do that via ACLs, but I've never implemented it myself. Don't think the clients will need certs, but they may have to adjust the TLS settings to allow a self-signed one from the server	19:25
maccam94	k	19:35
maccam94	thanks for the help, sommer	19:35
sommer	maccam94: you're welcome :-)	19:35
codi	Anyone able to help me out with some preseeding i'm trying to do? Not having any luck recreating an iso for use in virtualbox with a preseed.cfg.	19:43
codi	Specifically for the 11.04 server install.	19:44
RoAkSoAx	!ask \| codi	19:55
ubottu	codi: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)	19:55
RoAkSoAx	zul: I guess I'll do some python-apt stuff to get the mirror automatically, if not, just hardcode one	20:05
zul	RoAkSoAx: cool...i have a half assed gpxe thing going on	20:07
RoAkSoAx	zul: hehe good luck w/that	20:08
earthworm	hello,	20:10
earthworm	does somebody know how to start into runlevel 3, not into runlevel 5?	20:10
earthworm	is this possible ? there is no inittab at /etc ?	20:13
Pici	!upstart \| earthworm	20:15
ubottu	earthworm: Upstart is meant to replace the old Sys V Init system with an event-driven init model. For more information please see: http://upstart.ubuntu.com/	20:15
earthworm	@pici so upstart is the parent of all processses... interesting...	20:16
earthworm	@pici do you mean i should remove S from init.d/	20:18
earthworm	@pici or would this be the wrong way...	20:19
Pici	earthworm: I believe that upstart will still fire scripts in /etc/init.d/	20:19
earthworm	okay	20:19
earthworm	@pici okay	20:19
earthworm	@pici i found a script called : rc-sysinit.conf	20:21
earthworm	@pici i'm on the right way... ?	20:21
Pici	earthworm: Indeed.	20:21
earthworm	@pici you're a fine tutor ... aren't you ;) thx	20:22
earthworm	gonna reboot and see ...	20:24
earthworm	thx	20:24
codi	Ok, my question is. I have the server iso downloaded from ubuntu.com and a preseed.cfg. Should that preseed.cfg just go in the root of the disc image?	20:30
=== ng_ is now known as NG_
earthworm	@pici ;)	20:40
earthworm	there is an entry with runlevel = 2	20:40
earthworm	i tried to change this to 3 but nothing happens, everything is as before	20:40
=== lullabud is now known as warzauwynn
RoyK	eagles0513875: standard runlevel is 2	20:47
RoyK	why would you change that?	20:47
Pici	RoyK: Yes gone.	20:48
Pici	er, Hes.	20:48
RoyK	oh	20:50
RoyK	yes	20:50
* RoyK wants native zfs on linux		20:50
Guest24499	hi - just installed natty server. how come ctrl-alt-f2 through f6 don't work? what can I do to make it work?	21:06
Guest24499	if I start X, even ctrl-alt-f1 don't work (can't get to a text console)	21:07
RoyK	does anyone use X on a server?	21:07
Guest24499	X server :P	21:08
RoyK	that's for workstations	21:08
Guest24499	i know	21:08
Guest24499	I wanted to start from a minimal install. but basic question is still - how come ctrl-alt-f2 don't work?	21:08
RoyK	alt+left/right should work well	21:09
RoyK	or alt+f[1-6]	21:09
RoyK	ctrl+alt is only needed if on X	21:09
RoyK	which you usually don't do on a server	21:09
Guest24499	alt-f2 doesn't work.	21:09
Guest24499	alt-right arrow does work (thanks!)	21:10
* RoyK doesn't use non-LTS releases for server installs		21:10
Guest24499	this is not a real server. I'm doing a minimal install so that I can pull down lxde (don't like gnome)	21:11
RoyK	ok	21:11
Guest24499	so, any idea why alt-f2 wouldn't work, but alt-right arrow would?	21:12
eagles0513875	RoyK: think u highlighted wrong person	21:47
raubvogel	Does anyone know why there are missing releases in http://archive.ubuntu.com/ubuntu/dists ?	22:08
Pici	raubvogel: What releases are 'missing'?	22:08
ajmitch	raubvogel: releases that are end-of-life go to http://old-releases.ubuntu.com/ubuntu/dists/	22:09
raubvogel	Pici, I do not know their names, but it goes from hardy to karmic	22:10
raubvogel	or dapper to hardy	22:10
Pici	raubvogel: Then read what ajmitch just said.	22:10
Pici	!edgy	22:10
ubottu	Ubuntu 6.10 (Edgy Eft) was the fifth release of Ubuntu. End Of Life: April 25th, 2008. See !eol for more details.	22:10
Pici	!feisty	22:10
ubottu	Ubuntu 7.04 (Feisty Fawn) was the sixth release of Ubuntu. End Of Life: October 19th, 2008. See !eol and !upgrade for more details.	22:10
Pici	EOL releases are no longer housed on the normal archives.	22:11
Pici	Minus 1 release though, so Karmic is still there even though it is EOL.	22:11
ajmitch	mostly because the mirror space required would be excessive, old-releases doesn't get mirrored afaik	22:11
raubvogel	So, if I have a 8.04 LTS machine, how to upgrade it?	22:12
Pici	raubvogel: You can upgrade from one LTS to the next, so you can go directly to 10.04 LTS	22:12
raubvogel	Ok	22:12
ajmitch	the command 'do-release-upgrade' should manage that for you	22:13
ajmitch	you may need to install update-manager-core first, details are on http://www.ubuntu.com/download/ubuntu/upgrade	22:13
queso	Where is the log for openssh-server?	22:32
SpamapS	queso: /var/log/syslog and/or /var/log/auth.log	22:34
SpamapS	queso: there's an awesome program called 'logwatch' that will summarize it daily for you.	22:35
=== medberry is now known as med_out
queso	SpamapS: nice, thank you	22:36
JasonnAWAY	Hi, how can I raid 2 servers together with ubuntu (program)	22:52
SpamapS	JasonnAWAY: "RAID" is "Redundant Array of (Inexpensive\|Independent) Disks" ..	22:52
JasonnAWAY	Hmmm	22:53
SpamapS	JasonnAWAY: do you want to replicate data accross two servers?	22:53
JasonnAWAY	No	22:53
JasonnAWAY	I want to put 2 hdds together so they act as 1	22:53
SpamapS	Ah, but on one server?	22:53
JasonnAWAY	yes	22:53
SpamapS	https://help.ubuntu.com/10.04/serverguide/C/advanced-installation.html	22:53

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!