[00:09] <m_tadeu> hi everyone....what's the best way to guarantie that a service runs no matter what? like if it dies, something to run it again, get notification for that, etc
[01:16] <Ryan_Lane> I'm trying to install libactiverecord-ruby1.8 on ubuntu 10.04 server, but apt says it doesn't exist...
[01:16] <Ryan_Lane> it's supposed to be in the universe repo, but doesn't seem to be
[01:16] <genii-around> !info libactiverecord-ruby
[01:17] <genii-around> Hm
[01:26] <Ryan_Lane> is it just missing? it definitely seems like it should be there
[02:46] <jeremy_c> I just upgraded my remote server that I have no console access to, i.e. ssh only. At the end of the upgrade it said "Upgrade complete but some errors occurred." This is 8.04 -> 10.04. I do not have the ability to scroll back and see the errors. What now?
[02:48] <twb> jeremy_c: /var/log/apt, /var/log/dpkg
[02:48] <twb> I don't follow the official upgrade procedure, so there may be other fancy-pants d-r-u logs that I don't know about.
[02:49] <jeremy_c> twb: thanks.
[02:50] <jeremy_c> twb: it doesn't seem to include anything about the do-release-upgrade. Last log entry is from early this morning when I did an apt-get install links
[02:51] <twb> jeremy_c: no dpkg/term.log ?
[02:51] <twb> dru may bypass apt :-/
[02:52] <jeremy_c> there is /var/log/dpkg.log which shows install of packages from the dru but no error information.
[02:52] <jeremy_c> no /var/log/dpkg dir though.
[02:54]  * jeremy_c is afraid to reboot :-)
[03:00] <ScottK> I would check /boot/grub/menu.lst and make sure it's set to boot a kernel that's installed (and for Lucid)
[03:01] <twb> Wait, doesn't d-r-u manually run its own screen session now?
[03:01] <twb> So he should be able to ^A[ to get to scrollback
[03:01] <ScottK> Not that I noticed.
[03:01] <ScottK> Certainly not in Lucid it didn't.
[03:01] <twb> ok
[03:01] <twb> I thought it did
[03:02] <sbeattie> twb: not in lucid, but in maverick it does.
[03:02] <ScottK> I'd also make sure sources.list points a lucid, apt-get update and then apt-get dist-upgrade.
[03:03] <ScottK> That'll make sure all the package upgrades are done.
[03:03] <ScottK> If you've got all the packages upgraded and grub is set to boot the correct kernel, odds of it coming up post-boot are reasonably good.
[03:10] <sparc> Is there a way to detect the architecture of DHCP clients from ISC DHCPD ?
[03:11] <sparc> I don't see anything in the man pages, but I figure there must be a way.  I'm trying to send different 'filename' options to PXE clients, so they get the right PXELinux boot code.
[03:21] <jeremy_c> menu.lst shows kernel 2.6.24-26 w/date/time about the time dru was run.
[03:22] <jeremy_c> ScottK: in regards to Lucid, how do I tell? The titles still say "Ubuntu 8.04.4 LTS" ... I did a apt-get update && apt-get upgrade this morning in prep for this dist-upgrade tonight. The kernel versions didn't actually change from this morning.
[03:23] <ScottK> 2.6.24 is a hardy kernel.
[03:23] <ScottK> Does your sources.list say lucid?
[03:23] <jeremy_c> sources.list show lucid
[03:23] <jeremy_c> all hardy references are commented out in sources.list
[03:24] <twb> jeremy_c: as root, run "apt-get dist-upgrade --dry-run" and pastebin the output.
[03:24] <twb> jeremy_c: that should tell us what (if any) outstanding upgrades exist
[03:24] <jeremy_c> not by me, seems that they were ones that existed and were commented out prior to upgrade, i.e. hardy partner, hardy main restricted.
[03:26] <jeremy_c> http://pastie.org/2030377   ... apt-get dist-upgrade --dry-run
[03:26] <ScottK> Do you have a kernel metapackage (e.g. linux-image, linux-image-generic, linux-generic-pae) installed?
[03:27] <ScottK> If the kernel metapackage got removed from some reason that would explain having the old kernel still
[03:27] <jeremy_c> http://pastie.org/2030381   ... dpkg -l | grep linux
[03:29] <jeremy_c> http://pastie.org/2030387   ... ls /boot -l
[03:30] <twb> ScottK: so spamassassin is preventing him installing a newer perl (I think), but everything else is OK?
[03:31] <twb> as far as apt is concerned, I mean
[03:31] <ScottK> Wrong kernel
[03:32] <jeremy_c> should I do a apt-get -f install ?
[03:32] <twb> Dunno
[03:32] <ScottK> Yes.
[03:32] <ScottK> Best case it fixes stuff, it won't break things worse.
[03:33] <twb> If it was me, I would do it, but I can handle whatever it throws at me
[03:33] <ScottK> Read what it says it's going to do before you say yes
[03:33] <twb> +1
[03:33] <jeremy_c> seems pretty benign
[03:34] <ScottK> Can you pastebin it?
[03:34] <jeremy_c> hm, already started it.
[03:34] <ScottK> OK.
[03:39] <jeremy_c> apt-get --dry-run dist-upgrade now shows: 524 upgraded, 165 newly installed, 6 to remove and 0 not upgraded.   linux-image-2.6.32-32-server being one of them.
[03:39] <twb> zoiks
[03:39] <twb> So it sounds like something perl-y broke down, and now it is fixed you can carry on
[03:39] <jeremy_c> so dru or apt-get dist-upgrade?
[03:39] <twb> Not sure
[03:40] <twb> I don't trust dru to do the right thing, but I get yelled at if I tell newbies that it's junk
[03:40] <ScottK> At this point apt-get dist-upgrade
[03:40] <jeremy_c> twb: :-D
[03:40] <jeremy_c> ScottK: OK.
[03:40] <ScottK> dru works fine but it's not designed to start from the middle.
[03:41] <jeremy_c> only has to download 1.2mb out of 622mb, so dru must have gotten most things.
[03:41] <ScottK> What are the 6 to remove?
[03:42] <jeremy_c> forget, but they were things I don't use, realized they were of no concern and just went on.
[03:43] <jeremy_c> I can tell you in a sec, I have it in a log, but it's unpacking/installing right now.
[03:43] <jeremy_c> libcupsys2 libdatrie0 libgems-ruby1.8 librpm4.4 python-psycopg texlive-base-bin
[03:46] <ScottK> Agreed.
[03:46] <ScottK> Should all be fine.
[03:55] <JoeCoder_> I did a rm /var/log/mail.*
[03:56] <JoeCoder_> and now the mail logs aren't recreated whenever something happens.
[03:56] <JoeCoder_> I can recreate them, but user/group/permissions should they have?
[03:59] <JoeCoder_> even after chmod 777'ing it, nothing is written
[04:00] <ScottK> -rw-r----- 1 syslog adm 1456 2011-06-06 13:58 /var/log/mail.log
[04:01] <JoeCoder_> thanks
[04:01] <JoeCoder_> I had tried that once already
[04:01] <JoeCoder_> I'll reboot--the fixall for the novice!
[04:01] <JoeCoder_> and now it works, and the permissions for those files ar eset
[04:06] <jeremy_c> I am down to this error installing procps: http://pastie.org/2030485
[04:12] <jeremy_c> ScottK: twb any ideas about http://pastie.org/2030485 ?
[04:13] <twb> That's weird
[04:13] <twb> Knee-jerk reaction is to blame LSM (e.g. apparmor)
[04:14] <jeremy_c> Any ideas on fixing it?
[04:15] <ScottK> You didn't run out of space did you?
[04:15] <ScottK> If not, I'd check and see if the backup symlink already exists.
[04:15] <jeremy_c> nope.
[04:16] <jeremy_c> 62% use is the highest use disk mounted.
[04:20] <jeremy_c> I think I am done. forcing it made it pass.
[04:22] <jeremy_c> ScottK: twb: 2.6.32-32-server sound OK for the kernel? They are in menu.lst as Ubuntu 10.04.2 LTS
[04:23] <ScottK>  linux | 2.6.32.32.38 | lucid-updates | amd64, i386
[04:23] <ScottK> Yes.
[04:24] <Nafai> Hey ScottK, ltns!
[04:27] <jeremy_c> ScottK: twb: Thanks! The server reboot just fine. Now reports 10.04
[04:27] <ScottK> jeremy_c: Congratulations.
[04:30] <jeremy_c> now I guess we should continue to 11.04 :-/ I hate dist upgrades :-/
[04:31] <twb> Bah
[04:31] <twb> non-LTS can FOAD IMO
[04:32] <jeremy_c> FOAD?
[04:32] <twb> "go away"
[04:32] <jeremy_c> hm, 11.04 isn't LTS?
[04:32] <twb> It is not
[04:33] <jeremy_c> I guess I am a bit confused, is LTS software that is outdated but continuting to be supported?
[04:34] <qman__> LTS releases are supported longer than normal ones
[04:34] <qman__> normal releases are on a 6 month cycle, which is too fast for most production environments
[04:34] <qman__> LTS releases are on a two year cycle
[04:35] <twb> Canonical nominally provides support to its customers for releases.  Certain packages in LTS releases get substantially longer support than they otherwise would.
[04:35] <twb> Even if you aren't paying for Canonical support, some of that benefit rubs off because they issue e.g. security updates to everyone
[04:36] <twb> So in short: yes, except instead of "outdated" we say "stable"
[04:40] <jeremy_c> so, in a production env I should stick w/10.04 then is what you are saying?
[04:44] <rewt> it's up to 10.04.2
[04:56] <twb> Yes
[09:46] <Daviey> lynxman, Hah!  I had no idea you had created a meta data service for orchestra.  Nice one :)
[09:46] <lynxman> Daviey: yeah it's just a very limited easy one
[09:46] <Daviey> well yeah, but it's *something* :)
[09:47] <lynxman> Daviey: definitely =)
[09:58] <amitk> newbie ec2 question: How does one make the instance of ubuntu ec2 images persistent? i.e. If I install some apps, then terminate my instance I want to be able to restart the instance and find the apps installed.
[09:59] <lynxman> amitk: you have a couple of ways for that, you can use EBS as your root fs (there's AMIs that implement that) or you can just make an AMI once you're happy with how the server looks and be able to spawn new instances
[09:59] <lynxman> amitk: both have different usage scenarios so make sure the one you choose fits what you need
[10:04] <amitk> lynxman: I've already downloaded the ubuntu 10.04 EBS image to use with the free AWS offer. Can I customize that and make it peristent?
[10:05] <lynxman> amitk: that is already persistent, if you terminate the instance your disk remains as an EBS volume, you just need to start a new instance pointing at that ebs vol
[10:05] <amitk> lynxman: hmm, how do I point to the ebs volume?
[10:07] <lynxman> amitk: a quick Google showed up this http://serverfault.com/questions/234061/re-gaining-root-access-to-an-ec2-ebs-boot-image
[10:08] <amitk> lynxman: aah thanks. I've been googling for an hour with no result. I was missing the right language (keywords) to google.
[10:09] <lynxman> amitk: no worries =)
[10:11] <amitk> and how does 'snapshots' figure into this? I thought I had to snapshot the instance to be able to persist
[10:11] <lynxman> amitk: a snapshot is your base image for the AMI
[10:12] <lynxman> amitk: so an AMI will always use a snapshot to spawn an EBS volume to boot from
[10:15] <laen> When i initiate an apt-get upgrade, and it upgrades apache, it _changes_ the permissions on the already available /var/www folder. It shouldn't, and it's a bad practice of doing so. Even though Ubuntu developers apparently can't be trusted with creating proper packages, what other ways are there to prevent permission changes on folder /var/www?
[10:17] <lynxman> laen: as far as I know it's bad practice to change the permissions of a directory created by a package :)
[10:17] <laen> I'm looking for a generic solution, not a per-server btw.
[10:17] <laen> Cause apt-get is always right, right?
[10:18] <laen> I didn't make up the permissions, we're talking about a professional environment i have to suppoirt, and didn't create.
[10:18] <soren> laen: What exactly changed?
[10:19] <soren> (Although I do wonder why you're asking advice from people you don't trust)
[10:19] <laen> Ow apparently, i head now, it was the permissions on /var/log/httpd
[10:19] <laen> Cause i have to support Ubuntu, even though i don't want to.
[10:19] <soren> /var/log/httpd ?
[10:19] <soren> We don't use /var/log/httpd
[10:19] <lynxman> soren: I think he means /var/log/apache2
[10:19] <soren> Then he should say that instead.
[10:20] <soren> laen: Which is it? httpd or apache2?
[10:20] <laen> Right, something like that. It was indeed log files beeing stored in /var/log/apache2 by the customer.. (and that is bad practice as well, i know, not my idea, and don't agree).. once the permissions change the customer apache instance can't store apache2 log files anymore.
[10:21] <soren> Well, the generic, not per-server solution is to fix the problem, not the symptoms.
[10:22] <soren> Hence, I'd like to know exactly what changed so that I can try to work out why it happened.
[10:23] <soren> Looking at apache's postinst, it should only be setting ownership on initial installs, never on upgrades.
[10:26] <soren> Or not.
[10:26] <soren> *shrug*
[10:30] <TheAshMan> I recently changed the IP of one of my servers and whenever I log in it displays two versions of the "welcome" screen. The second version has the old IP on it. How do I remove it?
[10:30] <TheAshMan> the second one also says "System information as of Fri May 13 15:32:01 BST 2011"
[10:31] <xampart> TheAshMan: possibly /etc/motd.tail
[10:32] <TheAshMan> do I just empty the file?
[10:33] <TheAshMan> apparently so
[10:33] <TheAshMan> Thanks :)
[11:32] <amitk> is this the right way to mount an EBS volume as the root device? ec2-run-instances ami-2ec83147 --instance-type t1.micro --region us-east-1 --key amit -b '/dev/sda=snap-foobar'
[11:33] <amitk> it mounts /dev/sda and creates another /dev/sda1 EBS for me
[11:34] <amitk> I'm trying to figure out the simplest way to have my Ubuntu 10.04 64-bit instance kept up to date (persistent)
[11:35] <amitk> lynxman: ^
[11:35] <TeTeT> amitk: I believe you need to use a special EBS root AMI that you can stop rather than terminate if not needed
[11:36] <TeTeT> amitk: the EBS space will cost some money, but the instance can be stopped and started at will
[11:36] <lynxman> amitk: TeTeT is right, you need to start the instance from an EBS AMI, then stop, detach the created image and attach yours, I know its not the most elegant but... that's the only way I know
[11:37] <amitk> TeTeT: aah, so I shouldn't be terminating. Only starting and stopping?
[11:37] <TeTeT> amitk: try this one, not sure if it's lucid, but should be ebs backed: ami-9d4ba5f4
[11:37] <TeTeT> amitk: yes, regular instances can only be started and terminated and rebooted, ebs root instances can also be stopped
[11:38] <amitk> EBS space is free (10Gb) with the AWS free tier
[11:38] <TeTeT> didn't know that
[11:39] <amitk> all documentation points to terminate
[11:39] <amitk> TeTeT: I believe that ami-2ec83147 is an official Ubuntu 10.04 64-bit EBS-backed AMI
[11:40] <iam3fun> hello
[11:40] <iam3fun> ;]]]
[11:41] <amitk> so I'm only trying to get my changes to be persistent
[12:07] <laen> soren: sorry was in a meeting, but i'll find a solution, thanks though
[12:52] <sveinse> I have added "manual" to a service in /etc/init, but after this, upstart wont recognize the service at all. Does anyone have any examples of how to use a manual service?
[13:14] <sommer> morning all
[14:05] <zul> lynxman: this one? mcollective-server-provisioner
[14:07] <lynxman> zul: yessir
[14:12] <zul> lynxman: ok first it should be in a bzr branch again
[14:12] <lynxman> zul: there's one :)
[14:12] <zul> lynxman: can you use quilt for the patch
[14:13] <lynxman> zul: hm?
[14:13] <zul> lynxman: you modified the source can we have a clean source and then you apply the patch again
[14:13] <lynxman> zul: that'll be fairly difficult :/
[14:13] <lynxman> zul: the changes are enormous
[14:13] <zul> lynxman: why?
[14:13] <lynxman> zul: and they'll be merged upstream next week
[14:14] <zul> lynxman: k
[14:14] <lynxman> zul: would it be possible to get this one rolling and then I'll generate a new version as soon as the changes are in?
[14:14] <zul> lynxman: yeah
[14:14] <lynxman> zul: thanks ^^
[14:14] <zul> lynxman: also the plugins dont work with out the mcollectiver-server-provisioner do they?
[14:15] <lynxman> zul: they do, there's a plugin for the provisioner in the package
[14:15] <lynxman> zul: but all the rest are operationally independent
[14:15] <zul> lynxman: ok just making sure
[14:16] <lynxman> zul: each agent should be able to stand on its own, and each have its own Requires
[14:16] <zul> lynxman: for the postinst you probably want service mcollective restart || true
[14:16] <zul> lynxman: get rid of the watch file
[14:17] <lynxman> zul: cool, same as always :) doing those changes nao
[14:17] <zul> lynxman: in the upstart put the start on, stop on repsawn before the pre-start block
[14:21] <kickar> hey guys can someone assist me to convert mysql from latin1 to utf8?
[14:21] <kickar> and very wierd one of my ubuntu servers is actually reading the database good
[14:21] <kickar> the other one is messed up
[14:21] <kickar> anyone can help me?
[14:22] <Pici> kickar: #mysql might be a better place to ask if you anre't getting help here. also, try to be patient, you just ask your question.
[14:23] <kickar> it is weird
[14:23] <kickar> maybe it is a apache setting?
[14:23] <kickar> cause my one machine is OK, but theother one not
[14:40] <lynxman> zul: changes in repo, new package building
[14:41] <zul> k
[14:57] <teaforthecat> hello I am trying to create a raid1 from a single disk. after $ sfdisk -d /dev/sda | sfdisk /dev/sdb  /dev/sdb2 has only one block so I can't format it. thanks.
[14:58] <teaforthecat> am I doing the right thing to create a raid1?
[15:00] <pmatulis> teaforthecat: raid1 on one disk is questionable
[15:00] <pmatulis> teaforthecat: hm, ok, you mean 2-disk array based on a single non-raided disk
[15:00] <teaforthecat> yes
[15:01] <teaforthecat> I understand I create a degraded array first, copy the data over, then add the original disk to the array
[15:02] <Ddorda> where phpmyadmin keep its logs?
[15:04] <teaforthecat>  Ddorda: Open /etc/php.ini file and find error_log
[15:14] <teaforthecat> I created a gist that shows the confounding error at the bottom: https://gist.github.com/1012330
[16:18] <m_tadeu> I need something to start services if they go down, and get notification when that happens....what do you guys suggest?
[16:20] <koolhead11> m_tadeu, check monit
[16:32] <axisys> what updates the following files ?
[16:32] <axisys> /var/lib/apt/update_success /var/lib/apt/periodic/update-stamp /var/lib/apt/lists/lock
[16:33] <axisys> and I have this script  http://pastebin.com/q81uZk7X  that alerts if they are newer than 7 days.. trying to find out what is the significance of that
[16:33] <axisys> s/that alerts if they are newer than 7 days/that alerts if they are older than 7 days/
[16:52] <RoAkSoAx> zul: ping?
[16:52] <zul> RoAkSoAx: whats up?
[16:52] <RoAkSoAx> zul: so wanted to discuss some cobbler stuff with you, free?
[16:53] <zul> RoAkSoAx: sure
[16:53] <RoAkSoAx> zul: 1st: When we import the mini.iso it will create a Repo for main/universe, and another one for security
[16:54] <zul> RoAkSoAx: okies
[16:54] <RoAkSoAx> zul: the repos by default are disabled so if we run cobbler reposyng it will not sync the archives
[16:54] <RoAkSoAx> zul: so anyways, I'm guessing that the behaviour is desired, correct?
[16:54] <zul> i believe so
[16:55] <RoAkSoAx> zul: ok, so now, the thing is how can I automatically determine the country and stuff to set the repo
[16:55] <RoAkSoAx> zul: if we are in the us, use us.archive if we are in Italy, us it.archive
[16:55] <RoAkSoAx> etc etc
[16:55] <RoAkSoAx> any ideas?
[16:56] <zul> RoAkSoAx: iirc there is a way to determine which mirror you can use with apt, check with mvo
[16:56] <RoAkSoAx> zul: cool
[16:57] <RoAkSoAx> zul: 2nd: TYo be able to use the repo and stuff, we need to tweak the preseed... should we just document that or should we make that happen automatically?
[16:57] <zul> document it for now
[16:57] <RoAkSoAx> zul: ok thanks ;)
[16:58] <RoAkSoAx> zul: ahh I think we cannot use apt to determine which archive repo to use in case we submit it upstream, otherwise it wouldn't work on non-debian machines
[16:59] <zul> RoAkSoAx: assuming that they have /etc/apt/sources.list setup properly on the cobbler server why not gleeem it from there
[16:59] <tdelam> hi guys, is jaunty 9.04 no longer supported? my apt-get update gives me all 404's
[16:59] <zul> tdelam: its not
[16:59] <tdelam> zul: Hm, what could the reason for those 404's be?
[17:00] <adam_g> /win/j #ubuntu-meeting
[17:00] <zul> tdelam: its not supported
[17:00] <tdelam> oh
[17:00] <tdelam> how can I upgrade now that apt is dead?
[17:00] <RoAkSoAx> zul: ok
[17:01] <jdstrand> tdelam: http://old-releases.ubuntu.com/releases/
[17:02] <tdelam> ah :/
[17:03] <jdstrand> tdelam: I would recommend using: 'sudo do-release-upgrade' and upgrade to 9.10. then do it again to get to 10.04. both 9.04 and 9.10 are not supported (but 10.04 is because it is an LTS)
[17:03] <tdelam> no easy way to do this I guess. Server is 4000 miles from me serving about 200 web sites.
[17:03] <tdelam> oh
[17:03] <jdstrand> tdelam: 9.10 hasn't been moved to old-releases yet. you should be able to upgrade in the manner I described
[17:04] <tdelam> An upgrade from 'jaunty' to 'lucid' is not supported with this tool.
[17:04] <jdstrand> tdelam: no. LTS to LTS is supported or release to the next release. jaunty wa not LTS, so you must go through 9.10 (karmic)
[17:05] <tdelam> jdstrand: Oh I see, can I specify that with this command?
[17:06] <jdstrand> tdelam: it can detect it. 'sudo do-release-upgrade' is all you need to do. you'll do that (it is cli) and it will upgrade, then reboot. then you'll do it again
[17:06] <jdstrand> tdelam: it should be stated that doing this has an element of risk
[17:07] <tdelam> jdstrand: Yea, that's what i did and got back that error message.
[17:07] <jdstrand> tdelam: with you being 4000 miles away, if something goes wrong or the system is unbootable, then you are in trouble
[17:07] <jdstrand> tdelam: you got the 404 message?
[17:07] <tdelam> jdstrand: http://pastie.org/2033024
[17:08] <jdstrand> hmm
[17:08] <jdstrand> it didn't like that karmic is eol too
[17:08] <jdstrand> tdelam: you have to do jaunty -> karmic the hard way
[17:09] <tdelam> jdstrand: can you direct me to how to it the hard way without apt?
[17:09] <jdstrand> tdelam: update /etc/apt/sources.list to substitute all occurences of 'jaunty' with 'karmic'. then do 'sudo apt-get update && sudo apt-get dist-upgrade'
[17:09] <tdelam> oh
[17:09] <tdelam> thats not so hard :)
[17:10] <jdstrand> tdelam: please note, this method of upgrading is not at all as well tested and that 'do-release-upgrade' has special logic to make sure that things go smoothely
[17:10] <tdelam> ok
[17:11] <jdstrand> tdelam: there is more risk with this method. you may want to start sshd manually to listen on a different port, then login via that port and do 'sudo -i' before the upgrade so you have a root prompt
[17:11] <jdstrand> tdelam: in case anything goes wrong
[17:11] <jdstrand> tdelam: once you upgrade to karmic, reboot, then you can use do-release-upgrade
[17:11] <tdelam> ok
[17:11] <jdstrand> tdelam: good luck (and make backups if possible)
[17:12] <tdelam> Di have automated ones, for years now
[17:12] <tdelam> in /mnt/disk2 :)
[17:13] <jdstrand> tdelam: you know
[17:13] <jdstrand> tdelam: you should probably do the 'sudo apt-get  update && sudo apt-get dist-upgrade
[17:13] <jdstrand> ' in the speciall sshd
[17:13] <tdelam> alright
[17:13] <tdelam> i am getting that going now
[17:13] <jdstrand> in cause the one that is upgraded goes down
[17:14] <jdstrand> s/cause/case/
[17:14] <jdstrand> tdelam: good luck :)
[17:14] <tdelam> thanks :D
[17:14] <tdelam> note to self -- stay on top of upgrades
[17:38] <tdelam> jdstrand: on karmic now do-release-upgrade started.
[17:38] <jdstrand> \o/
[17:38] <tdelam> so far so good. I don't want to jinx myself though
[17:38] <tdelam> all webservices are running smoothly too.
[17:38] <tdelam> minus the mini downtime for rebooting :)
[17:39] <tdelam> had to be done though
[17:39] <m_tadeu> koolhead11|afk: thanx a lot
[17:50] <j1mc> sommer: i should have a test build of the server docs in that new layout available within the next few days.
[17:51] <sommer> j1mc: sweet that'd be awesome
[17:51] <j1mc> i'll let you know when it's ready. :)
[17:51] <sommer> j1mc: sounds good, thanks for your help!
[17:52] <j1mc> you are very welcome! : )
[17:52] <j1mc> sommer: we have a docs team meeting set for this sunday at 20:00 UTC. just an FYI in case it is convenient for you.
[17:52] <j1mc> it's 3:00pm central time
[17:53] <sommer> j1mc: ya, I'll try to be there, but I'm not sure what I have going this weekend.
[17:53] <j1mc> no worries
[17:53] <j1mc> :)
[18:20] <maccam94> i'm trying to enable TLS secured replication in openldap, following the ubuntu 10.04 server guide. when i try to modify the ldap config to add the certificates on the slave, i get the following error: ldap_modify: Inappropriate matching (18) additional info: modify/add: olcTLSCACertificateFile: no equality matching rule
[18:20] <maccam94> i'm getting the error on step 6 here: https://help.ubuntu.com/10.04/serverguide/C/openldap-server.html#openldap-tls-replication
[18:23] <sommer> maccam94: what command are you entering?
[18:25] <maccam94> it's on step 6 in the section of the page i linked, it's a slapd command followed by adding stuff to the tree
[18:25] <maccam94> sommer: i can paste what i'm running to pastebin, but it looks almost exactly the same as what's on page
[18:25] <maccam94> i just changed the hostname for the keys
[18:25] <sommer> maccam94: so you have the olcTLSCACertificateFile setup?
[18:26] <maccam94> i have the files in /etc/ssl/certs and /etc/ssl/private, yes
[18:26] <maccam94> it doesn't look like it's even trying to load them though
[18:26] <sommer> maybe try adding the CA entry by itself, then try adding the entries for the server's cert and key
[18:27] <maccam94> i had a problem with permissions on the master initially, where slapd wouldn't start because it didn't have permissions to read them, but this error occurs right when i commit the change, it won't accept it
[18:27] <maccam94> sommer: and it fails when i enter just that first section
[18:27] <sommer> maccam94: strange, I've never seen that particular error... on sec
[18:28] <maccam94> i feel like i must be missing something in my tree
[18:29] <sommer> maccam94: can you do replication without TLS?
[18:29] <maccam94> sommer: yes, it is currently replicating
[18:29] <sommer> maccam94: that's good :-)
[18:29] <maccam94> though i'm not sure it was configured following the same methods as in the server guide
[18:30] <sommer> are you using natty or maverick?
[18:30] <maccam94> lucid
[18:30] <sommer> should work for both... oh one sec
[18:30] <maccam94> the guide page is for lucid as well
[18:31] <sommer> right, should work for lucid too, heh
[18:32] <sommer> maccam94: maybe try adding "TLS_REQCERT allow" to your /etc/ldap/ldap.conf file (no quotes)
[18:32] <sommer> then do the modify command
[18:34] <maccam94> sommer: i did it and restarted slapd and now it works
[18:34] <maccam94> thanks!
[18:34] <sommer> no prob... it's an issue with self-signed certs I guess
[18:35] <maccam94> ah
[18:35] <sommer> might need to make a note of that in the docs :-)
[18:40] <maccam94> :-)
[18:53] <SpamapS> smoser: re bug #765843 .. you said you pulled it into your upstream branch.. are you planning to upload that to oneiric soon?
[18:54] <maccam94> how can i confirm that my two ldap servers are indeed communicating via TLS/SSL?
[18:54] <sommer> maccam94: I use wireshark to snoop ldap traffic then do a change on the master
[18:56] <maccam94> :-( that's not really feasible for me...
[18:57] <maccam94> sommer: should they be communicating on port 636?
[18:57] <sommer> maccam94: nope 636 is for SSL, using TLS uses 389... at least that's my understanding
[18:58] <maccam94> ok
[18:58] <sommer> maccam94: you could also use tcpdump to capture traffic
[18:59] <maccam94> actually i guess i don't need promiscuous mode for that...
[18:59] <maccam94> (it's a vm)
[19:02] <jcastro> SpamapS: a bunch of server related videos are just now hitting the youtube channel if you wanna tweet some of that action
[19:04] <hggdh> smoser: hardy current amd64 ran fine
[19:05] <hggdh> smoser: I think we are good to go
[19:21] <maccam94> now that i have starttls enabled, will my ldap servers allow non-TLS/SSL connections?
[19:22] <sommer> maccam94: yeppers, you can connect both ways
[19:23] <maccam94> hm, i probably want to restrict it to SSL/TLS only. will all of the clients need keys/certs to be able to connect securely?
[19:25] <sommer> I think you can do that via ACLs, but I've never implemented it myself.  Don't think the clients will need certs, but they may have to adjust the TLS settings to allow a self-signed one from the server
[19:35] <maccam94> k
[19:35] <maccam94> thanks for the help, sommer
[19:35] <sommer> maccam94: you're welcome :-)
[19:43] <codi> Anyone able to help me out with some preseeding i'm trying to do? Not having any luck recreating an iso for use in virtualbox with a preseed.cfg.
[19:44] <codi> Specifically for the 11.04 server install.
[19:55] <RoAkSoAx> !ask | codi
[20:05] <RoAkSoAx> zul: I guess I'll do some python-apt stuff to get the mirror automatically, if not, just hardcode one
[20:07] <zul> RoAkSoAx: cool...i have a half assed gpxe thing going on
[20:08] <RoAkSoAx> zul: hehe good luck w/that
[20:10] <earthworm> hello,
[20:10] <earthworm> does somebody know how to start into runlevel 3, not into runlevel 5?
[20:13] <earthworm> is this possible ? there is no inittab at /etc ?
[20:15] <Pici> !upstart | earthworm
[20:16] <earthworm> @pici so upstart is the parent of all processses... interesting...
[20:18] <earthworm> @pici do you mean i should remove S from init.d/
[20:19] <earthworm> @pici or would this be the wrong way...
[20:19] <Pici> earthworm: I believe that upstart will still fire scripts in /etc/init.d/
[20:19] <earthworm> okay
[20:19] <earthworm> @pici okay
[20:21] <earthworm> @pici i found a script called : rc-sysinit.conf
[20:21] <earthworm> @pici i'm on the right way... ?
[20:21] <Pici> earthworm: Indeed.
[20:22] <earthworm> @pici you're a fine tutor ... aren't you ;) thx
[20:24] <earthworm> gonna reboot and see ...
[20:24] <earthworm> thx
[20:30] <codi> Ok, my question is. I have the server iso downloaded from ubuntu.com and a preseed.cfg. Should that preseed.cfg just go in the root of the disc image?
[20:40] <earthworm> @pici ;)
[20:40] <earthworm> there is an entry with runlevel = 2
[20:40] <earthworm> i tried to change this to 3 but nothing happens, everything is as before
[20:47] <RoyK> eagles0513875: standard runlevel is 2
[20:47] <RoyK> why would you change that?
[20:48] <Pici> RoyK: Yes gone.
[20:48] <Pici> er, Hes.
[20:50] <RoyK> oh
[20:50] <RoyK> yes
[20:50]  * RoyK wants native zfs on linux
[21:06] <Guest24499> hi - just installed natty server.  how come ctrl-alt-f2 through f6 don't work?  what can I do to make it work?
[21:07] <Guest24499> if I start X, even ctrl-alt-f1 don't work (can't get to a text console)
[21:07] <RoyK> does anyone use X on a server?
[21:08] <Guest24499> X server :P
[21:08] <RoyK> that's for workstations
[21:08] <Guest24499> i know
[21:08] <Guest24499> I wanted to start from a minimal install.  but basic question is still - how come ctrl-alt-f2 don't work?
[21:09] <RoyK> alt+left/right should work well
[21:09] <RoyK> or alt+f[1-6]
[21:09] <RoyK> ctrl+alt is only needed if on X
[21:09] <RoyK> which you usually don't do on a server
[21:09] <Guest24499> alt-f2 doesn't work.
[21:10] <Guest24499> alt-right arrow does work (thanks!)
[21:10]  * RoyK doesn't use non-LTS releases for server installs
[21:11] <Guest24499> this is not a real server.  I'm doing a minimal install so that I can pull down lxde (don't like gnome)
[21:11] <RoyK> ok
[21:12] <Guest24499> so, any idea why alt-f2 wouldn't work, but alt-right arrow would?
[21:47] <eagles0513875> RoyK: think u highlighted wrong person
[22:08] <raubvogel> Does anyone know why there are missing releases in http://archive.ubuntu.com/ubuntu/dists ?
[22:08] <Pici> raubvogel: What releases are 'missing'?
[22:09] <ajmitch> raubvogel: releases that are end-of-life go to http://old-releases.ubuntu.com/ubuntu/dists/
[22:10] <raubvogel> Pici, I do not know their names, but it goes from hardy to karmic
[22:10] <raubvogel> or dapper to hardy
[22:10] <Pici> raubvogel: Then read what ajmitch just said.
[22:10] <Pici> !edgy
[22:10] <Pici> !feisty
[22:11] <Pici> EOL releases are no longer housed on the normal archives.
[22:11] <Pici> Minus 1 release though, so Karmic is still there even though it is EOL.
[22:11] <ajmitch> mostly because the mirror space required would be excessive, old-releases doesn't get mirrored afaik
[22:12] <raubvogel> So, if I have a 8.04 LTS machine, how to upgrade it?
[22:12] <Pici> raubvogel: You can upgrade from one LTS to the next, so you can go directly to 10.04 LTS
[22:12] <raubvogel> Ok
[22:13] <ajmitch> the command 'do-release-upgrade' should manage that for you
[22:13] <ajmitch> you may need to install update-manager-core first, details are on http://www.ubuntu.com/download/ubuntu/upgrade
[22:32] <queso> Where is the log for openssh-server?
[22:34] <SpamapS> queso: /var/log/syslog and/or /var/log/auth.log
[22:35] <SpamapS> queso: there's an awesome program called 'logwatch' that will summarize it daily for you.
[22:36] <queso> SpamapS: nice, thank you
[22:52] <JasonnAWAY> Hi, how can I raid 2 servers together with ubuntu (program)
[22:52] <SpamapS> JasonnAWAY: "RAID" is "Redundant Array of (Inexpensive|Independent) Disks" ..
[22:53] <JasonnAWAY> Hmmm
[22:53] <SpamapS> JasonnAWAY: do you want to replicate data accross two servers?
[22:53] <JasonnAWAY> No
[22:53] <JasonnAWAY>  I want to put 2 hdds together so they act as 1
[22:53] <SpamapS> Ah, but on one server?
[22:53] <JasonnAWAY> yes
[22:53] <SpamapS> https://help.ubuntu.com/10.04/serverguide/C/advanced-installation.html