/srv/irclogs.ubuntu.com/2011/08/19/#ubuntu-server.txt

CrazyGir	hello! if I have a vm running via a qemu disk image, and if this can be mounted with the qemu-nbd command, you should then be able to chroot to that env and run passwd on a user, no?	00:47
Kiall	CrazyGir, forgot the root password? ;)	00:49
Kiall	anyway .. yeah .. you should be able to chroot it and change the passwords	00:50
twb	Or init=/bin/sh	00:51
CrazyGir	Kiall: nope, I made a clone of a vm I don't have any passwords to	00:53
CrazyGir	twb: how do you mean?	00:54
CrazyGir	did I lose the attention? :P	00:56
twb	That's how you break in from the bootloader	00:56
CrazyGir	I'd have to figure out making grub available via the serial console	00:57
CrazyGir	which I haven't done, and would probably be helpful	00:58
CrazyGir	more hurdles though	00:58
CrazyGir	><	00:58
CrazyGir	I tried the method I described but it did not seem to work	00:58
twb	It's documented in /etc/default/grub ffs	00:58
CrazyGir	w00t	01:00
CrazyGir	yea, this chroot method does not seem to work through qemu-nbd	01:01
twb	Yeah, people who emulate VGA tty instead of ttyS0 are dumb	01:01
CrazyGir	hah	01:01
CrazyGir	I hated having to go to a console in an app transfering video data over the network via a broken and bloated protocol, simply to get the ip of a BSD VM	01:02
CrazyGir	><	01:03
CrazyGir	I don't understand why all vm technologies seem to be unable to provide the IP of a virtual nic, but that is something else entirely	01:03
CrazyGir	twb: are you referring to the GRUB_TERMINAL parameter in /etc/default/grub?	01:05
twb	CrazyGir: I don't remember; I don't use grub	01:05
twb	In extlinux it's just "CONSOLE 1"	01:06
CrazyGir	ah: GRUB_SERIAL_COMMAND="serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1"	01:07
CrazyGir	for reference, from: https://help.ubuntu.com/community/SerialConsoleHowto	01:07
CrazyGir	what do you use twb?	01:07
twb	extlinux.	01:09
patdk-lap	sounds like the issue is the command isn't runnable on the host system	01:09
patdk-lap	why not just edit the shadow file directly?	01:09
CrazyGir	twb: interesting	01:10
CrazyGir	patdk-lap: I am not (yet) familiar enough with how passwords are handled in ubuntu	01:10
CrazyGir	I would feel comfortable with that on openbsd :)	01:10
CrazyGir	can you run update-grub manually in some way?	01:11
CrazyGir	I guess I should go the passwd file route	01:11
CrazyGir	patdk-lap: how is that done?	01:12
patdk-lap	not possible on openbsd as they are stored in a db :)	01:12
patdk-lap	once you mount the fs	01:13
patdk-lap	just edit /etc/shadow	01:13
patdk-lap	remove the second item between the :'s	01:13
mauricio	hey - anyone think they can help me out? im trying to generate screenshots using php, xvfb, and firefox. I can run it just fine through the terminal but I can't get shell_exec("DISPLAY=:1 firefox &") php to work - i did shell_exec("whoami") and its the same user. makes no sense to me as to why this would happen	01:13
patdk-lap	so it would be, username:password:.....:...:...:...	01:13
patdk-lap	just copy the string from another shadow file	01:14
CrazyGir	/etc/shadow is blank O.o	01:14
patdk-lap	well, that is no good	01:14
patdk-lap	is passwd blank?	01:14
CrazyGir	maybe? good question	01:14
* CrazyGir tests		01:15
CrazyGir	no	01:15
CrazyGir	I have a feeling the admin who built the VM emptied it and uses ssh keys for login	01:16
patdk-lap	is there a /etc/shadow- file?	01:16
CrazyGir	..or something weird	01:16
josePhoenix	Anyone know why crontab might hang? Not the scheduler, but the command for editing / viewing?	01:16
patdk-lap	josePhoenix, it's having issues launching your editor?	01:16
josePhoenix	no, crontab -e seems to work	01:16
josePhoenix	maybe I'm misremembering what it does :x	01:17
josePhoenix	ah	01:17
josePhoenix	crontab -l is what I was looking for.. but I'm still no closer to figuring out why this script hangs	01:17
CrazyGir	there is, and ls reports 856 bytes, but the file appears empty in vim	01:17
CrazyGir	ah, I see	01:18
CrazyGir	><	01:18
josePhoenix	I guess I'll just make a temporary file. Installing from stdin seems to be causing problems	01:18
mauricio	anyone know what differences i can have between shell_exec in php and the terminal?	01:29
mauricio	im using the same user	01:29
mauricio	:(	01:29
mauricio	i can open up xclock just fine with shell_exec	01:29
mauricio	but i cant open firefox	01:29
mauricio	maybe i can figure it out but how can i run a command so that ./ is a certain dir	01:39
mauricio	./ is pointing to /home/dummy/public_html when it should be pointing towards /home/dummy/	01:39
mauricio	im sure someone knows how to do that	01:39
mauricio	hmm nevermind	01:41
mauricio	was thinking ~	01:41
quizme	hi, i got an error on a package when trying to upgrade. I don't need the package, so is there any way to just remove the package and skip it?	02:07
quizme	E: Sub-process /usr/bin/dpkg returned an error code (1)	02:07
hansin	Anyone know of a good way of managing services with the CLI? In particular the issue is that some services are still running as SysV and other Upstart services. You can no longer use just sysv-rc-conf. And I don't know if Upstart has a CLI tool where you can set what services start at boot. Any thoughts?	02:40
hansin	Or is this just an understood difficulty with a 'headless' server until there is consistency in terms of boot scripts?	02:43
josePhoenix	That's something I've never found a satisfactory answer to	02:45
josePhoenix	I've seen people recommending editing the upstart scripts to prevent start-on-boot	02:45
hansin	josePhoenix: Thanks. Sounds like I wasn't missing something then. I take a look at what you said though.	02:51
josePhoenix	hansin: yeah, if you find a convenient way to manage upstart services, I'd like to know xD	02:51
hansin	josePhoenix: Sounds like a deal! Though don't have the coding skills to make my own.	02:52
hansin	But if I find something...	02:52
josePhoenix	Hmm	03:17
josePhoenix	What does the setgid bit on a file do?	03:17
josePhoenix	ah	03:18
josePhoenix	hm. I want to use setgid folders...	03:18
josePhoenix	but not setgid files	03:18
josePhoenix	seems like chmod should have a shortcut for setting permission bits that mean different things for files and folders	03:19
josePhoenix	I want folders to be +x +S, but I don't want all the files in them to be executable...	03:19
qman__	use +X	03:20
josePhoenix	ahhh ta	03:21
josePhoenix	That's just a chmod feature, right? Not an extra bit?	03:21
josePhoenix	Actually, that doesn't do quite what I want. Is there something for setting +s on directories, but not their contents?	03:23
lickalott	josePhoenix what was the original question?	03:33
lickalott	has anyone offered up SUID or SGID?	03:37
josePhoenix	lickalott: I think I just need to be a bit more selective	03:38
josePhoenix	I was trying to setgid on a directory and its child dirs	03:38
josePhoenix	but chmod -R g+s ./foo/* sets +s on files as well, which I don't want	03:39
lickalott	take out the -R	03:39
josePhoenix	yeah, I figured	03:39
lickalott	-R will do the folder AND all the contents	03:39
lickalott	but that's still not what you want?	03:40
josePhoenix	Well I wanted subfolders, but not files within those subfolders	03:40
lickalott	ahhhhh	03:40
qman__	probably have to do a find	03:40
josePhoenix	./foo/bar/baz/ but not ./foo/bar/baz/quux.txt	03:40
qman__	find directories and exec chmod +s	03:40
lickalott	yeah... maybe a find + xargs	03:40
josePhoenix	Well, it's part of a provisioning script, so I know exactly which dirs I'm creating	03:41
josePhoenix	so I'm just adding the chmod there	03:41
lickalott	maybe do foo manually, then cd into is, ls -d \| xargs chmod +s {}	03:42
lickalott	i'd have to play, but that should work	03:42
lickalott	*it	03:44
lickalott	-D not -d jose	03:47
josePhoenix	okay thanks :]	03:47
lickalott	did that work?	03:48
lickalott	logging into my rig now	03:48
lickalott	also take the brackets out	03:49
lickalott	worked for me	03:51
qman__	might have issues with spaces in filenames	03:51
qman__	make sure you try it	03:51
lickalott	spaces in file names?	03:52
lickalott	thought he didn't want files to be chmod'd	03:57
qman__	well, directory names	04:27
lickalott	can't happen unless this is a samba share right? if one were to mkdir Some Docs, you'd end up with 2 folders	04:29
qman__	not if you mkdir "Some Docs"	04:30
qman__	in linux, everything is valid	04:30
qman__	just needs to be properly escaped	04:31
lickalott	touche'	04:31
qman__	also, mkdir Some\ Docs	04:32
lickalott	guess i just wouldn't expect that from a *nix person	04:32
qman__	ordinarily no	04:32
qman__	but it is possible, so you want to have that test case especially before you integrate it into a script	04:33
qman__	one thing I run into a lot	04:34
qman__	ripping music off CDs	04:34
qman__	with question marks in the names	04:34
qman__	and then windows doesn't know what to do with it on the share	04:34
DarkwingDuck	Have an interesting/strange issue with Oneiric server.	04:36
reya276	Is there a setup for Ubuntu 11.04 desktop/Server that is similar to Active Directory? I know Sambad is similar but does it have a GUI?	04:36
reya276	Is 11.04 server an LTS?	04:37
DarkwingDuck	It wont get past GRUB, black screen then my moniter goes to sleep. However, if I boot into recovery then resume normal boot then it works.	04:37
DarkwingDuck	reya276: No.	04:37
DarkwingDuck	10.04 is LTS	04:37
qman__	reya276, basically no to all of the above	04:39
lickalott	i'm with you qman__. Never thought about music...	04:39
qman__	samba can do a hybrid of NT domains and 2003 security	04:39
qman__	and openLDAP can do a user directory	04:39
qman__	but that's about it	04:39
qman__	samba 4, if/when it ever gets stable, is going to be full AD compatible	04:39
reya276	ok well that is good enough. I'm not looking to use Ubuntu with windows servers. I'm actually trying to setup Ubuntu server/desktops on its own as a server/network	04:41
qman__	then what you're after is openLDAP	04:41
qman__	and possibly kerberos	04:41
reya276	cool, thanks. I can get that from the repos right?	04:41
qman__	yes, but it's pretty complicated to get going	04:41
qman__	make sure you find a good guide on it, not sure if the server guide is up to par on that yet	04:41
reya276	nah, nothing is ever complicated as long as their is something to read then its all good	04:42
reya276	thanks.	04:42
Daviey	jamespage: Hey! Do you fancy reviewing/sponsoring bug 809753?	07:42
uvirtbot	Launchpad bug 809753 in logwatch "logwatch bug in postfix filter" [Medium,Triaged] https://launchpad.net/bugs/809753	07:42
jamespage	Daviey: np - leave it with me	07:43
Daviey	rocking!	07:44
=== smb` is now known as smb
Daviey	jamespage: what happend with octopussy?	08:26
jamespage	Daviey: still in the NEW queue waiting for review	08:26
Daviey	urgh	08:28
Daviey	thanks	08:29
uvirtbot	New bug: #829250 in openvswitch (universe) "datapath dkms module does't built automaticly" [Undecided,New] https://launchpad.net/bugs/829250	08:41
Daviey	Anyone looking for a bitesize bug to tackle?	09:05
ubunteo	no.	09:06
Daviey	(silence is suitable as a negative answer.)	09:06
ubunteo	I am waiting for LAMP server expert	09:06
lynxman	Daviey: bitesize bug?	09:18
lynxman	ubunteo: what would you consider a LAMP expert? I might be one	09:18
Daviey	lynxman: want to do some funky stuff?	09:19
lynxman	Daviey: depends on your definition of funky :) you know I'm always eager to please you	09:19
Daviey	eeeek.	09:19
Daviey	lynxman: Nice simple one to get the blood going, bug #829271	09:19
uvirtbot	Launchpad bug 829271 in ajaxterm "Recommends psyco which is currently incompatible with python > 2.6" [Undecided,New] https://launchpad.net/bugs/829271	09:19
ubunteo	dear all, which is the official ubuntu uploading site for 1GB storage ? I know ubuntu one already. Something that don't need registration. and something better than http://imagebin.org/?page=add	09:21
lynxman	Daviey: ah yeah, looks good :)	09:22
lynxman	ubunteo: I think Ubuntu One covers exactly what you need, shame that you don't want to register	09:22
Daviey	ubunteo: Ubuntu members get 1GB of storage at https://wiki.ubuntu.com/PeopleUbuntuCom, but that is really storage to help the ubuntu project.	09:27
Daviey	Other than that, there is no other official uploading site other than ubuntu 1	09:27
soren	ubunteo: I kind of doubt you'll find places that'll let you dump gigbytes of data on their servers without at least registering.	09:33
ubunteo	soren: I knew. but they are with spam or spywares and pono ads around	09:33
Daviey	lynxman: Another one with your name on it, bug #822613	09:39
uvirtbot	Launchpad bug 822613 in etckeeper "etckeeper should depend on hostname" [Medium,Triaged] https://launchpad.net/bugs/822613	09:39
Daviey	lynxman: then, bug 820936 wants your opinion. :)	09:41
lynxman	Daviey: thanks, will hammer both in 10 mins, finishing toast :D	09:41
uvirtbot	Launchpad bug 820936 in apache2 "Virtual server setup breaks Rewrite Rules" [Low,Confirmed] https://launchpad.net/bugs/820936	09:41
lynxman	holy crap, 109 upgrades in the last 3 days	09:57
Daviey	RoAkSoAx: powernap is currently set for demotion to universe, do we have anything which is planning to use it?	09:57
ubunteo	lynxman: hi LAMP expert	10:00
ubunteo	lynxman: I am LAMP and linux newbie. I want to get suggestion from you for my php application	10:01
lynxman	ubunteo: sure, what do you want to do	10:02
ikonia	ubunteo: what are you looking for	10:02
ubunteo	ikonia: I dont know how to install and run http://www.phpwares.com/content/php-inventory on ubuntu LAMP server	10:02
ubunteo	ikonia: if anybody knows better inventory application for IT stocks , please suggest me	10:03
ubunteo	ikonia: I mean IT stocks like printer cartridges, CDs, DVDs, mobile phones in and out	10:03
ikonia	ubunteo: reading the zip file, you just dump the php in your web root, run the sql script to create the database, and put the database details in the sites.xml file	10:03
ikonia	ubunteo: there are more detailed instructions in the readme.html file in the zip file too	10:04
ubunteo	ikonia: thanks for suggestion. I would also like to know where the web root in ubuntu is.	10:04
ikonia	ubunteo: have you read the https://help.ubuntu.com server section on how to manage the webserver ?	10:04
ubunteo	ikonia: do I also need to install phpmyadmin ?	10:04
ikonia	ubunteo: if not, that's worth a read	10:04
ikonia	ubunteo: no, you don't need phpmyadmin to run this	10:05
ubunteo	ikonia: I had , the worst thing is I have no internet on that LAMPserver	10:05
ikonia	ubunteo: then don't read it from the lamp server, read it from your desktop	10:05
ubunteo	ikonia: how can I ?	10:06
ikonia	ubunteo: open that URL in a machine with internet access	10:06
ubunteo	ikonia: Dear ikon, I can read my web server and said it works !!! but i dont know how to continue	10:09
ikonia	ubunteo: yes, I've told you how to install the application, told you where the detailed install instructions are, and suggested a URL on how to run your web server	10:09
ubunteo	ikonia: I know bro. the application is alittle big tricky	10:14
ikonia	ubunteo: it's really straightforward	10:16
ikonia	ubunteo: you put the php files in the document root, you run the sql database creation script, you put the database details in the xml file	10:17
ubunteo	ikonia: where is the web root folder in ubuntu server ?	10:17
ikonia	ubunteo: that's when I said you should take a look at the server section in https://help.ubuntu.com to have a basic idea of how to run the web server	10:18
ikonia	ubunteo: you'll need to understand how it works with the site model ubuntu uses, and that document is actually quite good	10:18
Daviey	lynxman: How are those two bugs looking?	10:28
* Daviey reaches for his whip.		10:28
lynxman	Daviey: branched and fixing	10:29
lynxman	Daviey: merge requests okay? :)	10:31
Daviey	lynxman: super!	10:32
w00	hm, i'm trying to symlink some files and access them through pure-ftpd, activated virtualchroot and perms look ok but the ftp client gives 'not a directory' errors, anyone knows what could be the issue? (same type of setup works on another distro)	10:36
lynxman	Daviey: one done, 2 to go	10:53
=== nandemonai_ is now known as nandemonai
* w00 bangs his head against the wall		11:17
Daviey	lynxman: Great! you fixed etckeeper.	11:27
lynxman	Daviey: \o/	11:28
maxagaz	hi	11:41
maxagaz	how to add manually this route :	11:41
maxagaz	192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth3	11:41
maxagaz	?	11:41
_ruben	sudo ip route add 192.l68.0/24 dev eth3	11:42
_ruben	sudo ip route add 192.l68.0.0/24 dev eth3 (packetloss :P)	11:43
maxagaz	thanks!	11:45
maxagaz	_ruben,	11:45
maxagaz	and how do I delete it ?	11:45
_ruben	replace add with delete	11:45
_ruben	;)	11:45
maxagaz	thanks :-)	11:46
soren	_ruben: What sort of keymap do you use?	12:00
soren	_ruben: It's been many years since I've seen anyone type 'l' instead of '1' (old-school type writer style).	12:01
_ruben	soren: ehh? not sure what you're getting at	12:03
w00	heh	12:03
soren	_ruben: 11:42 < _ruben> sudo ip route add 192.l68.0/24 dev eth3	12:04
soren	^	12:04
soren	"l68" rather than "168"	12:05
soren	_ruben: ell vs one, if can't tell the difference with your font.	12:06
_ruben	heh, where the **** did that come from :p	12:06
soren	That's what I'd like to know. :)	12:07
* _ruben decides it's a bug in his keyboard		12:07
soren	_ruben: It's the sort of typo I'd expect from someone who learned to type on one of these things: http://en.wikipedia.org/wiki/File:TypewriterHermes.jpg	12:07
w00	lol	12:08
soren	(They had no key for 1 (one). The l (ell) key doubled as the key for 1 (one))	12:08
_ruben	lovely!	12:08
soren	And o doubled as the key for 0.	12:08
_ruben	optimization ftw	12:08
_ruben	but no, can't say i ever typed on one of these	12:09
_ruben	wth .. i nearly typoed 'typed' as 'typoed' (and just did again)	12:09
soren	_ruben: uncanny	12:12
uvirtbot	New bug: #829374 in postfix (main) "package postfix 2.8.2-1ubuntu2.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/829374	12:36
RoAkSoAx	Daviey: Not that i know of but why would u want to demote it now?	13:12
RoAkSoAx	kirkland ^^	13:12
Daviey	RoAkSoAx: It's currently no longer seeded or a depends of a package in Main	13:14
Daviey	So it's queued for demotion, unless we act.	13:14
Daviey	RoAkSoAx: I think it's ok to seed it directly TBH.	13:14
Daviey	Next cycle, i imagine you might depend on it a bit more.	13:14
RoAkSoAx	Daviey yeah orchestra depends on it but still in universe	13:18
RoAkSoAx	Daviey isnt it in the server seed that would keep it in main?	13:19
Daviey	RoAkSoAx: ah, good point	13:19
Daviey	RoAkSoAx: no, it was in main via euca.	13:19
RoAkSoAx	Daviey so i guess it should be on the server seed right?	13:20
Daviey	RoAkSoAx: yes	13:21
Daviey	RoAkSoAx: We don't have a server-supported seed by design.	13:21
RoAkSoAx	Daviey right so whats the solution then	13:22
Daviey	RoAkSoAx: It's small enough to throw it on the ISO this cycle i think	13:23
RoAkSoAx	cool	13:29
jasonmsp	hey all. I noticed today a persistent established connection on localhost.localdomain today between mysql and a 40000 port. I haven't noticed this before. Is there a way to figure out what is running that?	13:44
joschi	jasonmsp: lsof -i :40000	13:49
jasonmsp	thanks! dovecot is running it. Could it be someone connected via imap?	13:52
_ruben	dovecot likely has a persistent db connection open	13:53
jasonmsp	ive not noticed it before. Usually it is clean when I am connected ssh and the only thing open is my connections to the server	13:53
patdk-wk	well, that would depend on the mysql wait timeout setting	13:54
patdk-wk	dovecot will open, and keep it open, till mysql closes it	13:54
patdk-wk	so if your last login was 5min ago, and the wait timeout is 15min	13:54
jasonmsp	so check mysql config?	13:55
NCommander	hallyn: ping, you about?	13:56
jasonmsp	this is only troubling because its been established for over an hour	13:57
patdk-wk	I think 1hour might be the default	13:57
patdk-wk	no, default is 8hours if not changed	13:59
patdk-wk	it's really not an issue and doesn't hurt, unless you limit mysql connections to a very low number	13:59
jasonmsp	ok. it was non-standard for me after running the server for a year I've never seen a connection like that open so long. Thanks!	14:00
uvirtbot	New bug: #829465 in libaio (main) "libaio version 0.3.109-1ubuntu1 failed to build in oneiric" [Undecided,New] https://launchpad.net/bugs/829465	14:03
uvirtbot	New bug: #829468 in memcached (main) "memcached version 1.4.5-1ubuntu2 failed to build in oneiric" [Undecided,New] https://launchpad.net/bugs/829468	14:03
hallyn	NCommander: yes, what's up?	14:08
NCommander	hallyn: would like to discuss LXC security concerns if you have a moment	14:08
NCommander	(based on your LP comment)	14:08
hallyn	NCommander: tbh i'm a bit weary of that. There are no security concerns bc there are no security claims.	14:09
* hallyn goes to look for the recent m-l discussion		14:09
Daviey	NCommander: What bug is that?	14:10
NCommander	Daviey: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/827798	14:10
uvirtbot	Launchpad bug 827798 in lxc "LXC works without warning regardless if cgroup namespaces are properly available" [Wishlist,Triaged]	14:10
NCommander	Daviey: I still need to scratch your brain w.r.t. OpenStack	14:11
uvirtbot	New bug: #829507 in ocfs2-tools (main) "ocfs2-tools version 1.6.3-2ubuntu1 failed to build in oneiric" [High,Confirmed] https://launchpad.net/bugs/829507	14:11
hallyn	NCommander: see for instance http://blog.bofh.it/debian/id_413 and http://sourceforge.net/mailarchive/forum.php?thread_name=4E3AC4B4.7090007%40schaufler-ca.com&forum_name=lxc-users	14:12
hallyn	btw i'm offended by the fact that you can't comment on the firs tlink	14:13
Daviey	NCommander: We can probably grab 10 mins during the release meeting?	14:13
NCommander	Daviey: during?	14:14
Daviey	NCommander: Yeah, unless the release meeting requires 100% of your attention :)	14:14
NCommander	Daviey: sure, I really just need 5 minutes getting up to speed with openstack (and I see that there's now a nice book available on the subject on the internal list)	14:15
Daviey	NCommander: ok, i'll poke you during the meeting - and we'll talk	14:15
* NCommander depserately needs two of himself		14:16
uvirtbot	New bug: #829502 in eucalyptus-commons-ext (universe) "eucalyptus-commons-ext version 0.5.0-0ubuntu2 failed to build in oneiric" [High,Confirmed] https://launchpad.net/bugs/829502	14:19
hallyn	NCommander: how did you want to discuss? did you want to have an real call?	14:19
NCommander	hallyn: actually this answersmost ofmyquestions quite well	14:20
skulltip	i installed 64-bit ubuntu server, dhcp works fine but why can't i get static ip working, or where is an uptodate tutorial for 11.04 that actually works?	14:20
hallyn	NCommander: cool	14:20
hallyn	NCommander: it's too bad there were some... complications last week keeping us from discussing user namespaces and container security	14:21
NCommander	hallyn: I might poke you for a few stray points but this is most helpful. Just out of curiosity, do know where usernamespaces plan to land?	14:21
NCommander	hallyn: it didn't help I spent most of that trip hacking up a lung	14:21
hallyn	NCommander: what do you mean 'where'?	14:21
hallyn	it's a kernel feature	14:21
NCommander	er	14:21
NCommander	WHEN	14:21
hallyn	ah	14:21
* NCommander has not hugged his coffee this morning		14:21
hallyn	no, i don't. i thought it was years off, but we had a prototype working last week, so once we push that to lkml, we'll see how it's received	14:22
hallyn	NCommander: as this stuffs sinks in, do me a favor,	14:22
hallyn	pls think about where/how to best document this for future users. bc obviously we're not doing a good job	14:22
hallyn	I don't know if it should go in the ubuntu server guide, manpages, or what	14:22
NCommander	Somewhere with <blink> tags :-)	14:22
NCommander	I'll get back to you	14:23
NCommander	(what's the current place your documenting it)	14:23
RoyK	skulltip: just set the IP in /etc/network/interfaces	14:24
RoyK	man interfaces	14:24
RoyK	skulltip: if you have installed ubuntu desktop, it'll bring network-manager into the game, overruling /etc/network/interfaces	14:24
skulltip	i know, done tried that and rebooted VM had to set back to dhcp	14:24
hallyn	NCommander: blogs and mailing lists...	14:24
skulltip	no it's ubuntu server 64 bit 11.04	14:25
RoyK	and static ip doesn't work??	14:25
skulltip	i did install several things, like tomcat, mysql, lamp server, ..	14:25
skulltip	in VM it is 10.0.2.15 but IP on main network is 192.168.1.1 - i set gateway to 192.168.. ?	14:26
NCommander	hallyn: yeah, those have the problemthat if you don't regularly read planet or are not subscribed to the list in question, they can fly by unnoticed :-(	14:27
skulltip	it can ping it so must be.. do i set the static address to 192.168.. to 10.0..	14:27
hallyn	NCommander: agreed. Though it's not like "it was secure and we changed it". It just hasn't really come to mind bc we've never, ever said lxc was secure or to be used for anything other than compute farms.	14:28
hallyn	in fact, in the past we said it woudl never be secure. I'm at the point now where I think in maybe 2 years they coudl be as safe as kvm/vmware is. Not as safe as those are perceived to be, but as they are :)	14:28
NCommander	hallyn: yeah, I think someone somewhere stated that it was usable and ready for 'enterprise' use at UDS and well, it kinda went from there. At least now I'm beginning to see the full scope of the problem and it hurts	14:29
Daviey	hallyn: Perhaps i'm missing the issue, but i would have expected security to have been the first feature of LXC, not a bolt on to drive towards.	14:30
Daviey	boggles	14:30
hallyn	NCommander: it is ready for enterprise, for certain uses :)	14:30
hallyn	Daviey: platitudes like that sound nice but dont' jive with how you can get features into the kernel	14:31
hallyn	i'm sorry that sounds mean, but we had to start with the simpler namespaces	14:31
skulltip	i set address to 10.0.2.16, netmask 255.255.255.0 network 192.168.1.0 broadcast 192.168.1.255 gateway 192.168.1.1 restarting network and I get failed to bring up eth0	14:31
hallyn	we're not writing an editor. we're affecting performance and changing every aspect of resource finding and access	14:32
Daviey	hallyn: I'll keep my jive to myself then :)	14:32
jdstrand	hallyn: I'm assuming that all of this is acknowledged by arkose (stgraber) and any other teams that perceive LXC as the new security hotness? (not trying to insinuate stgraber is not up on all this)	14:33
hallyn	Daviey: also, the original point of the work was not lxc itself, but namespace isolation for checkpoint/restart	14:33
hallyn	jdstrand: yes. (stgraber will yell if not :)	14:33
hallyn	part of the problem is that the real tools are the naemspaces and cgroups,	14:33
hallyn	while lxc is just a tool trying to exploit those for easy use	14:34
hallyn	the security features which lxc would need to provide root-safe containers haven't made it into the kernel, so there is nothing for lxc to offer.	14:34
* hallyn fears Daviey wont' talk to him any more		14:37
hallyn	let alone push the spice ffe :)	14:37
hallyn	NCommander: if you get a few moments to send me an email where you explain the use you were going to have for lxc on arm, please do.	14:42
=== med_out is now known as medberry
hallyn	Daviey: is there any reason not to plop the proposed qemu and libvirt merges for oneiric into ubuntu-virt ppa for testing?	14:44
Daviey	hallyn: go for it!	14:46
Daviey	create a new PPA tho	14:47
NCommander	hallyn: you'd cry if you knew :-)	14:49
NCommander	hallyn: but will do (currently doing 1001 things right now)	14:49
hallyn	Daviey: new ppa? ok	14:51
hallyn	NCommander: yup no hurry. Maybe we need a bug against the main lxc man page to have a WARNING at top about containers not being secure	14:52
hallyn	i'd say we coudl ask jdstrand for help writing an apparmor profile to contain it, but then it'll likely just spuriously prevent package upgrades in containers :(	14:52
hallyn	Daviey: doesn't look like i can create a new ppa	14:53
Daviey	hallyn: argh	14:53
Daviey	hallyn: is there a junky one?	14:53
hallyn	so nm, i'll use my own then.	14:54
hallyn	'daily upstream build' :)	14:54
hallyn	nothing since jan 2010	14:54
Ursinha	Am I online?	15:01
Ursinha	Oh, I seem to be	15:02
hallyn	Ursinha_: Ursinha: you both are :)	15:06
skulltip	do i need to delete the loopback line for a static ip	15:06
skulltip	iface lo inet loopback..	15:06
Ursinha_	hallyn: :) redundancy ftw :P	15:06
giovani	skulltip: no -- that configures the lo/loopback interface -- you want to leave that alone, always	15:07
giovani	you only want to edit lines that are configuring interfaces you're changing (such as eth0, or whichever you're using)	15:07
skulltip	ok even updated nameserver with static IP and /networking restart.. message about it being deprecated and I can't ping the gateway	15:12
skulltip	do i need to add a default gateway route	15:13
Demosthenes	so, pop quiz. i have a natty box, it ought to be running lucid (lts server). how hard is that to change on an already installed box. can i just change the source, update, and safe-upgrade?	15:17
=== zz_ng_ is now known as ng_
lynxman	Ursinha_: no you're not online, get back to work ;)	15:22
lynxman	damn... the sun, it is hot... and unknown	15:25
lynxman	Daviey: ping	15:26
lynxman	Demosthenes: afaik downgrading a box can have hilarious results, your mileage may vary though	15:27
=== otubo is now known as otubo[AFK]
Demosthenes	lynxman: very few real packages installed.	15:27
Demosthenes	no X, no desktop apps, etc.	15:28
lynxman	Demosthenes: still, have in mind that only the upgrade path is tested, and you can find packages that are not downgradable or hard to	15:28
lynxman	Demosthenes: if you need to do that I'd recommend install another machine with lucid or just keep that one working with natty	15:28
Demosthenes	righto!	15:29
Demosthenes	otoh, maybe we wait until the next LTS release and upgrade to it ;]	15:29
lynxman	Demosthenes: that would also be wise indeed	15:30
lynxman	Demosthenes: the new LTS will rock, just sayin'	15:32
* lynxman can't contain his excitement about Ubuntu-P		15:33
Daviey	lynxman: hola	15:33
lynxman	Daviey: ello good sir	15:33
Daviey	lynxman: on the phone.	15:33
lynxman	Daviey: just PMed you a doc, if you can give it a nice +5 and proofread it I'd be full of grate :)	15:33
=== Ursinha` is now known as Ursula
=== Ursinha is now known as Guest16076
=== Ursula is now known as Ursinha
Daviey	hallyn: can you update https://blueprints.launchpad.net/ubuntu/+spec/server-o-lxc-improvements please?	16:05
hallyn	Daviey: yeah, will do. was thinking about that last night while trying to sleep :)	16:06
hallyn	thanks for the reminder	16:06
Daviey	heh	16:06
uvirtbot	New bug: #829599 in libapache2-mod-perl2 (main) "libapache2-mod-perl2 version 2.0.5-2ubuntu1 failed to build in oneiric" [High,Confirmed] https://launchpad.net/bugs/829599	16:07
hallyn	stgraber: http://people.canonical.com/~serge/cgroup-lite.debdiff debdiff introducing cgroup-lite into libcgroup source package	16:18
stgraber	hallyn: looks good. Can you file a FFe bug explaining the reason why this was introduced and pointing to some of the bug reports that'll be fixed by using it instead of cgroup-bin?	16:19
hallyn	yup, will do	16:20
stgraber	attach the debdiff to that bug and I'll then comment that it looks good, I'm using it and see no regression with the new code and that it actually solves a critical bug for me	16:20
hallyn	great, thx	16:21
hallyn	Daviey: were you going to push that ipxe from the lp merge proposal?	16:26
Daviey	hallyn: yep.. it's here	16:27
hallyn	stgraber: do i file that bug against lxc, or against ubuntu?	16:27
hallyn	Daviey: oh? rmadison must be lying to me...	16:27
Daviey	hallyn: assume you haven't touched it since yesterday?	16:27
hallyn	no i haven't. but ramdison doesn't show me a -ubuntu1 version	16:27
Daviey	hallyn: no, it's not pushed yet.. but i am doing it	16:27
hallyn	Daviey: ah, ok. great - thanks	16:27
stgraber	hallyn: it's a patch against libcgroup, so file the FFe against libcgroup	16:28
hallyn	stgraber: sorry i meant libcgroup not lxc :) ok, thanks	16:28
stgraber	ok :)	16:29
hallyn	stgraber: bug 829628	16:44
uvirtbot	Launchpad bug 829628 in libcgroup "[FFE] Add cgroup-lite package" [Undecided,New] https://launchpad.net/bugs/829628	16:44
uvirtbot	New bug: #829625 in ntp (main) "package ntpdate 1:4.2.6.p2 dfsg-1ubuntu5.1 failed to install/upgrade: error writing to '<standard output>': No such file or directory" [Undecided,New] https://launchpad.net/bugs/829625	16:46
stgraber	hallyn: ok, commented and subscribed ubuntu-release for approval	16:50
uvirtbot	New bug: #829628 in libcgroup (universe) "[FFE] Add cgroup-lite package" [Undecided,New] https://launchpad.net/bugs/829628	16:51
hallyn	stgraber: great thanks - let's hope for the best	16:58
=== medberry is now known as med_out
kirkland	RoAkSoAx: howdy! I just uploaded a new powernap that fixes most of the powernap-on-the-desktop issues	17:04
kirkland	RoAkSoAx: you know, the ones jcastro was complaining about last week :-)	17:04
kirkland	jcastro: would you mind giving powernap another try on your desktop?	17:05
* jcastro whistles		17:05
kirkland	jcastro: 2.13	17:05
kirkland	jcastro: it should be much better	17:05
jcastro	sure	17:05
kirkland	jcastro: i've been running it here at the conference all week with success	17:05
jcastro	I'll do it on the laptop.	17:05
kirkland	jcastro: just uploaded minutes ago, so give it an hour or two to build/publish	17:05
kirkland	jcastro: sweet, thanks	17:05
kirkland	RoAkSoAx: give it a little testing, if you can	17:05
jcastro	should I configure it or just run it "stock"?	17:05
=== shymega is now known as Guest77991
RoAkSoAx	kirkland: cool will do!!	17:23
RoAkSoAx	kirkland: how was the presentation though?	17:23
noecc	"java2-runtime" is a virtual package provided by: openjdk-6-jre gcj-4.4-jre gcj-jre default-jre	17:23
noecc	Is there a preference of one over the others?	17:23
=== shymega is now known as Guest88727
=== otubo[AFK] is now known as otubo
RoAkSoAx	kirkland: btw.. when you have the chance to talk a lil bit about rsyslog for orchestra let me know	17:43
ahasenack	smoser: hi, is there a ppa for cloud-utils? I'm on lucid	17:45
ahasenack	I have 0.11-0ubuntu1	17:45
=== ng_ is now known as zz_ng_
kirkland	RoAkSoAx: excellent!	17:59
kirkland	RoAkSoAx: can irc now, if you like	17:59
kirkland	RoAkSoAx: also, i saw you disabled the initial iso import ... why? are you going to re-enable it?	18:00
RoAkSoAx	kirkland: yes I will re-enable it on release	18:00
RoAkSoAx	kirkland: right now it makes my testing difficult :) (i just disabled it for testing)	18:00
RoAkSoAx	kirkland: but anyways, logging-server is done, the only thing left is make sure the client installs the stuff through the preseed and obtains the keys	18:01
RoAkSoAx	kirkland: the "difficulty" here is that, in case we manually installed ubuntu-orchestra-client on a server, it will configure the client syslog but it won't be able to obtain the keys	18:01
RoAkSoAx	kirkland: unlike if we preseed it	18:01
RoAkSoAx	kirkland: so I was thinking on getting the postinst to check if orchestra server is accessible and obtain the keys if it is	18:02
RoAkSoAx	kirkland: however, this would require to have the keys available over web which is probably not desirable as discussed in austin	18:02
RoAkSoAx	kirkland: so before preseeding it, i simple though it would be better to have a way to do both things	18:03
RoAkSoAx	what do you think?	18:03
RoAkSoAx	pin/win 4	18:04
RoAkSoAx	arh	18:04
kirkland	RoAkSoAx: make it configurable then, dude	18:04
kirkland	RoAkSoAx: actually, it's already configurable	18:04
kirkland	RoAkSoAx: sweet, is logging working through ssl?	18:05
RoAkSoAx	kirkland: yes logging is working through ssl :D	18:05
RoAkSoAx	kirkland: the only difference is that if we preseed, the client will automatically obtain the keys and start logging with the server	18:06
RoAkSoAx	if we install ubuntu-orchestra-client on anhy other server thjat orchestra didn't preseed, we would manually need to obtain the key	18:06
RoAkSoAx	kirkland: so the real issue is not to make the key publicly available through HTTP	18:07
RoAkSoAx	kirkland: unless we could use the SSH keys to ssh ing and grab the key	18:08
RoAkSoAx	but yet again, if we dont preseed with orchestra, then no ssh keys will be available	18:08
* RoAkSoAx wonders if he is explaining himself correctly :)		18:09
cloakable	No. Commit seppuku.	18:10
=== pleia2_ is now known as pleia2
=== AntORG_ is now known as AntORG
RoAkSoAx	jdstrand: howdy	18:40
jdstrand	RoAkSoAx: hi	18:40
RoAkSoAx	jdstrand: does this satisfy the rejection reason for kitchen(python-kitchen)? http://paste.ubuntu.com/670291/	18:41
jdstrand	RoAkSoAx: looks good to me	18:42
RoAkSoAx	jdstrand: alrighty then. Will re-upload. Thanks	18:42
jdstrand	thank you :)	18:42
RoAkSoAx	jdstrand: thank you for pointing it out :)	18:43
=== zz_ng_ is now known as ng_
=== ng_ is now known as zz_ng_
lynxman	kirkland: ping, whenever you're around	19:36
=== med_out is now known as medberry
RoAkSoAx	kirkland: so this is what I'll do: Cobbler let's you import python modules in kickstarts. So, I will create a python-orchestra module with "utilities"	19:54
RoAkSoAx	kirkland: this will have the script that generates the encoding of the keys and will generate a command that will install these keys into the deployed machine	19:55
RoAkSoAx	kirkland: so we will import a snippet in the kickstart, this snippet will call the cobbler python module and will return a command in the way of "d-i balblabla" that will actually install the keys	19:56
diimdeep	hello, please advice good vps	20:07
diimdeep	for personal use	20:07
diimdeep	*vps hosting	20:09
diimdeep	linode, slicehost .. ?	20:09
=== mosburn_ is now known as mosburn
=== Ursinha` is now known as Ursinha
=== Ursinha is now known as Guest59628
Nvrnight	Anyone running Ubuntu Server 11.04 have any problems running apt-get install from a shell script?	20:25
Nvrnight	"apt-get install apache2" says it can't find the package from the shell script, but if I run it directly in the terminal, it finds it just find	20:26
soren	Nvrnight: Can you pastebin the exact error message?	20:35
Nvrnight	It's a one liner, "E: Unable to locate package apache2"	20:40
soren	Can you create another shell script that does the same thing?	20:41
Nvrnight	lemme try	20:43
Nvrnight	oh, a new script works	20:44
Nvrnight	I downloaded my script off a server, something must;ve happened?	20:44
soren	Guess so.	20:48
diimdeep	why you ignore my question ?	20:49
Nvrnight	soren, alright on a new investigation to see what I need to do to the file, lol, thanks for the help	20:49
soren	diimdeep: I prefer questions I can answer.	20:50
w00	Wrong channel for it also i'd say?!	20:51
diimdeep	w00: there is no channel for that, except google.com	20:53
=== medberry is now known as med_out
diimdeep	and http://serverfault.com/questions/tagged/vps?sort=votes&pagesize=15 but similar questions a bit outdated	20:55
Myrtti	that would be because it's all up to your preference, location and needs	20:55
Nvrnight	soren, windows put \r's into my file, dos2unix fixed up my script and it works fine after that, thanks for the help in finding that	20:56
kirkland	lynxman: ping	20:58
kirkland	RoAkSoAx: okay	20:59
lynxman	kirkland: pong	21:00
kirkland	lynxman: sorry, i was ponging you :-)	21:00
DSpair	Hey all, need some help in recovering a broken LVM mirror.	21:04
DSpair	When I initially created the mirror, I guess I wasn't paying attention. I created the 2 legs on 2 separate drives and the mirror log on a 3rd drive. The drive with the mirror log failed and now it will not let me recover the mirrored volume.	21:05
DSpair	From what I am reading on the LVM mailing list archives, this may not be recoverable, but I'm hoping someone here might have a suggestion	21:06
DSpair	Whew!!!	21:20
DSpair	Yay!!!	21:20
TomasBrincil	whow!!!	21:20
DSpair	Looks like it is recoverable.	21:21
TomasBrincil	^^	21:21
uvirtbot`	TomasBrincil: Error: "^" is not a valid command.	21:21
DSpair	Thank freaking goodness!	21:21
bernhard2	Is there a web based administrator for exim4 or dovecot ??	22:02
Daviey	ajaxterm? :)	22:10
Daviey	hallyn: around?	22:37
bernhard2	question.. im setting up exim4 with dovecot (it works 80%).. i want to setup mail for several domains.. This is done within Exim4 ??	22:39
patdk-lap	yes, and maybe dovecot too	22:40
patdk-lap	depending on exactly how you want it setup	22:40
qman__	I've never done exim, but I've done it on postfix	22:51
qman__	and in that case, the multiple domains bit was mostly on postfix	22:51
qman__	so I assume it's also on exim	22:51
patdk-lap	all depends if you want those domains to be different email boxes or not	22:52
Daviey	postfix is the Ubuntu favoured MTA over exim4	22:52
=== Andre_Go` is now known as Andre_Gondim
bernhard2	<patdk-lap><qman__> <Daviey> Well have about 5 domains.. websites are on the same server too.. what do you mean with different email boxes ?	22:58
qman__	there's really two ways to do things	22:59
qman__	one is with the server simply accepting mail from all your domains	22:59
qman__	but in that case, user1@domaina and user1@domainb are the same user, same mailbox	22:59
qman__	what you probably want are virtual mailboxes	22:59
qman__	which create separate users and mailboxes for each domain	22:59
pr0z0id	is there a more robust pptpd server available.... looking for something that does not store passwords in a plain text file	23:00
pr0z0id	(in plain text)	23:01
patdk-lap	pr0z0id, that would be chap	23:01
patdk-lap	instead of pap	23:01
patdk-lap	but really why does it matter?	23:02
patdk-lap	if you store a password hash, your normally forced to send the password over the connection for auth	23:02
patdk-lap	so both ways the raw password makes it to the server	23:02
qman__	yeah, pptp isn't the most secure thing to run	23:03
qman__	not in terms of bugs and holes, just design	23:04
patdk-lap	switch to l2tp?	23:05
qman__	nah, openVPN	23:05
pr0z0id	i have openvpn already	23:05
pr0z0id	but need support for iOS etc.	23:06
pr0z0id	consoles ... that sort of thing	23:06
patdk-lap	for ios, your going be stuck with ipsec + l2tp	23:06
qman__	hashed or not, guard that password file with your life	23:06
qman__	it's just a design limitation	23:06
pr0z0id	i hate the idea..	23:08
pr0z0id	that's why i'm looking for something better.	23:08
patdk-lap	it's even more evil ios won't let you use certs	23:08
bernhard2	<qman__> yes would want virtual mailboxes which create separate users and mailboxes for each domain	23:20

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!