/srv/irclogs.ubuntu.com/2011/08/29/#ubuntu-server.txt

ejat	hi .. i do the release upgrade on ec2 .. from maverick to natty then i get this	00:16
ejat	http://paste.ubuntu.com/676897/	00:17
ejat	is it ok for me to reboot or need to fix it 1st then reboot	00:17
Doonz	hey guys anyone have experince with smal storage solutions?	01:15
jcastro	jamespage: Does the etherpad-lite formula work? I just gave it a try.	01:29
jcastro	it listens on port 9001 iirc?	01:29
patdk-lap	smal?	01:33
Doonz	small*	01:37
jmarsden	Doonz: Please try to be much more specific about what you are asking. A microSD card is a "small storage solution", and I have one of those -- but I don't think that is what you mean... is it?	02:08
Doonz	well lets see. Ok Im trying to build a media storage set up for home around the 100tb mark. I currently run 25tb btu what im finding is my sever is getting to taxed and performance is suffering. So i have thought of breaking the one large system into multiple systems	02:11
Doonz	i just dont understand alot of the terms	02:12
Doonz	and im not sure which way i should go without spending a billion bux	02:12
=== DarkwingDuck_ is now known as DarkwingDuck
=== lickalott_ is now known as lickalott
=== smb` is now known as smb
trapmax	Any idea how to get rid of "File descriptor 15 (socket:[6111]) leaked on lvremove invocation." messages?	07:39
van7hu	howdy	07:49
van7hu	how could I know if my kernel was compiled with netfilter support?	07:50
ayambit	van7hu: try to add iptables rule?	07:59
van7hu	.e.g iptables ... etc?	07:59
van7hu	by the mean of ubuntu, is it default?	07:59
ayambit	van7hu: yes, iptables. It is enabled by default (of course) in ubuntu.	08:00
van7hu	but netfilter?	08:00
ayambit	iptables needs netfilter, so if your iptables rule will work, netfilter is available.	08:02
ayambit	And it is in ubuntu-server by default.	08:02
van7hu	okay, thank you	08:04
=== masACC is now known as maswan
uvirtbot`	New bug: #634102 in cloud-init (main) "t1.micro EC2 instances hang on reboot" [High,Fix released] https://launchpad.net/bugs/634102	08:37
=== uvirtbot` is now known as uvirtbot
=== himcesjf1 is now known as himcesjf
igcek	hello, what would be the best way to have multiple web servers on one static ip	08:55
igcek	different machines with for. ex.	08:56
igcek	ubuntu server installed on them	08:56
ersi	igcek: Utilise different ports for the different daemons	08:57
ersi	Or have some reverse proxy magic on :80 and the other web daemons on other ports and rewrite the requests	08:58
ersi	igcek: Why several different web servers on the same IP though? Or do you just want to serve different domains/sites on the same web server?	08:59
igcek	i have production server and a server production to be... so they all have to be seperated and on port 80.	09:00
igcek	would it work if i just like redirected domain to ip with port and then do a port forwarding? ip:xx.xx.xx.xx:234	09:01
ersi	igcek: You have one serving the 'production site' and one for testing?	09:02
igcek	now i have one serving the production site, and it probably is not a good idea to put next to it a testing web page. but overall idea is to have for every company physicly different server	09:05
igcek	virtualisation	09:05
ersi	igcek: Yeah, okay - I understand that. But why have it on the same IP?	09:20
ersi	And the same port..	09:20
igcek	they would all be web servers. (port 80) i only have one static ip. (worldwide)	09:21
linocisco	I want to make ubuntu mail server for windows clients. THat mail server would be for communicating one PC to another if internet is offline. I would like to know where I can find reference link.	09:24
ersi	igcek: Why is changing IP not feaseble? Like using :8080 for the test machine	09:26
ersi	igcek: I meant port, not IP	09:26
igcek	i would like to have transition as painless as can be	09:28
linocisco	I keep seeking on youtube. all are with non-english version. and with GUI desktop. I want to see english version configuration on CLI only pure ubuntu server .	09:28
ersi	linocisco: Usually you will need no further configuration than setting up the mail accounts on the same domain and serve that domain from That mail server	09:29
ersi	linocisco: As in user@companyA.com will be able to mail collueage@companyA.com even if other networks are unreachable	09:30
linocisco	ersi: Yes. I did choosing internet site.	09:30
ersi	And?	09:30
linocisco	ersi: I would like to know how to create users and how to configure accounts on windows mail clients like outlook or thuderbird	09:31
linocisco	ersi: I tried telnet localhost 25 . it was fine	09:31
ersi	Depends on configuration.. usually the default is to use whatever accounts are on the machine. ie local users (root, linocisco, etc in /etc/passwd)	09:31
ersi	25? Have you only configured SMTP?	09:32
linocisco	ersi: as I have no extra computer. I am to setup my ubuntu text base server on VM and client is my widnows 7 on celeron Toshiba Laptop	09:32
ersi	Um >_> Hm	09:32
linocisco	ersi: I have only one default account since creation. I have not setup DNS server or BIND config on that.	09:33
ersi	Well, you don't really need that for a functional mail service.. What you need is something like postfix to handle incoming mail, and whatever you're using now for SMTP/shuffling outgoing mail	09:34
ersi	I usually just use postfix and dovecot together	09:34
ersi	There's like, endless amounts of documentation of both softwares (in English).. They can be a bit tricky to get to work if it's the first time though	09:35
ersi	linocisco: Maybe this can be of service to you? https://help.ubuntu.com/10.04/serverguide/C/email-services.html	09:36
uvirtbot	New bug: #836544 in mysql-dfsg-5.1 (main) "package libmysqlclient16 (not installed) failed to install/upgrade: trying to overwrite '/usr/lib/libmysqlclient.so.16.0.0', which is also in package mysql-cluster-client-5.1 0:7.0.9-1ubuntu7" [Undecided,New] https://launchpad.net/bugs/836544	09:36
linocisco	ersi: The worst thing is I have no internet with my ubuntu server. When I installed mail server, I did using CD installer during installation. I selected [Mail server]. I dont know how to install dovecot without internet. Even with CDrom, I dont know how to , after installaton.	09:40
Daviey	Who is in the mood for some bug triage? Yeah!	09:41
ersi	linocisco: Heh, oh yeah.. Hm, that always makes stuff a lot more... interesting.	09:43
linocisco	ersi: does server installer include dovecot or Not ?	09:44
ersi	linocisco: I don't know, I'm spoiled with always-internet :\|	09:44
linocisco	ersi: that sucks. our country has expensive internet	09:45
linocisco	Does anybody know how to build email server for windows clients using ubuntu server installer CD only ?	09:50
linocisco	is there any ubuntu server training video except the one by Michael Jang which is just in brief ?	10:02
EriksLV	hi	10:04
EriksLV	any recommendations for raid5 controller that works with ubuntu server?	10:04
linocisco	EriksLV: hardware raid or software raid ? hardware RAID is better	10:05
EriksLV	hardware raid	10:05
linocisco	EriksLV: I would recommend ASUS motherboards	10:06
EriksLV	asus	10:06
EriksLV	for a server?	10:07
EriksLV	a joke?	10:07
EriksLV	I need PCIE RAID controller	10:07
patdk-lap	what kind of drives are going be used?	10:10
EriksLV	4xWD RE4 1TB SATA2 3.5" 7200RPM 64MB	10:17
EriksLV	part number: WD1003FBYX	10:18
EriksLV	any recommendations patdk-lap?	10:19
* soren doesn't care much for hardware raid		10:21
Guybrush_T	hi guys! i want to use a mra to get all the mails from my different mail accs and forward them to a specific imap folder - i heard from fetchmail and getmail and also that they are not that geat pieces of software. anyone has a better idea?	11:08
=== TRKDK is now known as TRK
memoryleak	I'm trying to use a bash variable in a sed expression - how could I make this work: sed 's/__USER__/${USERNAME}/g' template.conf	12:09
EriksLV	maybe escape dollar sign...	12:17
EriksLV	just a guess	12:17
trapmax	or "'$USER'"	12:17
Ursinha	morning	12:39
Daviey	Ursinha: o/	12:48
zul	hi Ursinha	12:48
Daviey	Today is a national holiday :/	12:49
Daviey	zul: Stuff which concerns us on, http://people.ubuntu.com/~davewalker/component-mismatches-mir-track.html - can you check we need them, and raise a MIR if we do?	12:50
Daviey	-carrot will be required for nova after all.	12:50
Daviey	-dingus and -anyjson not looked at	12:50
zul	kombu is not going to work?	12:50
Daviey	-stompy needs body in the MIR	12:50
Daviey	zul: nah, it turned out to be too heavy to replace this late in openstacks cycle.	12:50
zul	Daviey: i was going to make a joke about it but good thing for the delete key	12:51
Daviey	heh	12:52
ersi	What's a "MIR"?	13:10
jcastro	Main inclusion report: https://wiki.ubuntu.com/MainInclusionProcess	13:10
Daviey	kees: Would you be able to look at the kombu MIR please? :)	13:20
soren	Daviey: If we're stuck on -carrot, why do we need kombu?	13:28
zul	soren: glance uses it	13:39
linocisco	hi	13:57
linocisco	how to setup ubuntu mail server to be used by microsoft outlook ?	13:58
patdk-wk	what exactly is, ubuntu mail server?	14:01
patdk-wk	a postfix/dovecot install?	14:01
=== DrNick___ is now known as DrNick__
uvirtbot	New bug: #836728 in krb5 (main) "package libkadm5clnt-mit7 1.8.3 dfsg-5ubuntu2.1 failed to install/upgrade: error writing to '<standard output>': Success" [Undecided,New] https://launchpad.net/bugs/836728	14:26
=== himcesjf1 is now known as himcesjf
soren	zul: Ah.	15:32
laserbled	Hi, I have logged into 10.10 64 bit through ssh - I installed xorg-xserver - but I cant startx - please tell me what to do to get to the x environment	15:56
=== med_out is now known as medberry
elz89	How can I configure slapd daemon to listen on only one of the network interfaces?	16:59
bkerensa	elz89: Have you checked the slapd.conf ?	17:01
elz89	bkerensa: no only /etc/ldap/ldap.conf I shall check slapd.conf now.	17:02
bkerensa	elz89: Yeah I would check it and see if it allows you to define listening	17:03
elz89	bkerensa: all I can find is /usr/share/slapd/slapd.conf and no mention in there of interface.	17:05
bkerensa	odd	17:05
bkerensa	elz89: Here http://www.openldap.org/doc/admin24/security.html	17:06
elz89	bkerensa: I have that page already, and it does not mention how it is done on ubuntu server in a config file.	17:07
elz89	Or does it mean if I start it once with specified interface it will remember that in config file for next start?	17:07
bkerensa	perhaps	17:08
bkerensa	let me dig a little more	17:08
elz89	OK thank you :-)	17:08
elz89	I'm happy to be given things to read as well.	17:09
bkerensa	elz89: I looked pretty good and it doesnt seem like there is any info in man or on google to do selective listening	17:10
bkerensa	=o	17:10
elz89	bkerensa: Yeah I had a good google :-P or so I thought.	17:11
bkerensa	elz89: Have you considered asking a OpenLDAP dev?	17:11
pmatulis	elz89: see /etc/default/slapd	17:19
bkerensa	elz89: Did pmatulis help you out?	17:23
kernelpanicker	feel free to suggest the right channel... but where does bind9 store it's DNS cache?	17:25
bkerensa	kernelpanicker: I think its stored in memory unless you specific it to backup elsewhere	17:27
bkerensa	kernelpanicker: Check /var/tmp	17:27
uvirtbot	New bug: #836849 in samba (main) "Samba starts before static IPs set in network manager" [Undecided,New] https://launchpad.net/bugs/836849	17:29
noecc	I've compiled git from source, aptitude install puppet wants to install git-core{a}. How can I proceed without installing git-core{a}?	17:33
bkerensa	noecc: Perhaps remove git then apt get install git && puppet	17:56
noecc	bkerensa: yes except I prefer the latest git from source.	17:58
bkerensa	hmm ok does the latest git have a .deb?	17:59
genii-around	noecc: Maybe set APT::Install-Recommends and APT::Install-Suggests both to zero	17:59
bkerensa	genii-around: +1 I totally didnt think of that	18:00
uvirtbot	New bug: #836875 in bacula (main) "package bacula-director-mysql 5.0.3-1ubuntu5 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/836875	18:01
elz89	pmatulis, bkerensa, : nothing in that file either :-(	18:02
bkerensa	elz89: OpenLDAP devs maybe ask them thats what I would do :D	18:02
bkerensa	elz89: If you find out how ping me and I will make a How-To for others	18:03
pmatulis	elz89: this doesn't give you a hint:	18:05
pmatulis	# Example usage:	18:05
pmatulis	# SLAPD_SERVICES="ldap://127.0.0.1:389/ ldaps:/// ldapi:///"	18:05
Daviey	soren: glance needs kombu	18:05
Daviey	Ah, zul already answered you	18:06
Daviey	soren: infact, glance D4 is blocked in unapporved pending MIR kombu MIR.	18:06
elz89	pmatulis: Thank You	18:09
uvirtbot	New bug: #836889 in bacula (main) "package bacula-director-mysql (not installed) failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/836889	18:21
kernelpanicker	I'm setting up postfix on ubuntu 10.04; how do I hold mail for users in such a way that they can't log into the system via, say, SSH?	18:28
alamar	by not giving them a valid shell for example?	18:34
alamar	or by using non-system user mail accounts	18:34
TheEvilPhoenix	^	18:35
kernelpanicker	well... I'm creating a VPS to handle the mail and lists for an existing server. I'll have some mail coming in for some regular users, and the rest will be list traffic.	18:36
kernelpanicker	I'm unclear on where the mail will be 'held' for the list members, and how to deal with the 'regular' mail users...	18:37
alamar	kernelpanicker: mail will not be held for mailinglist users	18:37
kernelpanicker	I have to use postfix/dovecot/mailman, as well, as that's what I've been told to do...	18:37
alamar	it will be delivered to the mailinglist's registered addresses	18:37
kernelpanicker	and I'll be honest, I've been wrestling with this for almost 2 1/2 weeks now...	18:37
kernelpanicker	something that would take one of you probaby 3 hours...	18:38
kernelpanicker	because I don't have a clue.	18:38
alamar	there's like a million howtos that exactly describe how to set up this software constellation	18:38
kernelpanicker	But onward ho, right?	18:38
kernelpanicker	I have a bookmark for each how to...	18:38
kernelpanicker	all of them imperative masterpieces, for particular distros...	18:38
kernelpanicker	etc...	18:38
alamar	well maybe you should pay someone who has more of a clue	18:38
kernelpanicker	I would, if I had more than, what, .27 cents in my pocket.	18:39
kernelpanicker	and also, I want to learn about this stuff.	18:39
kernelpanicker	that was 27 cents...	18:39
kernelpanicker	at any rate...	18:40
kernelpanicker	it seems like the non list email recipients need something to hold their mail, right?	18:40
kernelpanicker	and that not all of them should be able to log into the box...	18:40
kernelpanicker	so I can't just make them into users, right?	18:40
kernelpanicker	There should be some mechanism for holding mail for them, but not making them users, and I recall something like 'adduser -s /sbin/nologin emailusername; passwd emailusername' on other flavors of linux...	18:42
alamar	you can do more or less anything. you can create individual system user's, you can prevent them from logging in, you could create virtual user'S (meaning non-system but in some other database like ldap or mysql)	18:42
kernelpanicker	but that doesn't seem to work in Ubuntu.	18:42
kernelpanicker	alamar: OK	18:42
alamar	kernelpanicker: it is not a good idea to try to administer a public running server if you do not have any idea what you are doing	18:42
kernelpanicker	alamar: tell me about it	18:42
kernelpanicker	doesn't life suck	18:43
ersi	Unfortunally, with mail services - it's usually learning by doing	18:43
alamar	ersi: you can learn and do a LOT by reading appropriate documentation and using a controlled environment	18:43
kernelpanicker	it's also not a good idea to get married, have kids, or jump from hovering helicopters	18:43
alamar	or it will be learning the hardware by ending up on nearly every blacklist	18:44
alamar	and having a non functional mailserver anyway..	18:44
glebaron	I have a question about ubuntu 10.04 server with multipath drive arrays attached. http://paste.ubuntu.com/677378/ is my multipath listing. http://paste.ubuntu.com/677380/ is my ls -al from /dev/mapper/	18:44
alamar	s/hardware/hard way/	18:44
kernelpanicker	what's fantastic is that if one does decide to learn, one can plunge in, read documentation, and get help from irc channels when you're stuck ;)	18:44
ersi	alamar: Well well, you can prepare all you want.. when you go live, you can bet your horse on that something's wrong anyway :P	18:45
alamar	ersi: but then I didn'T rush into running live before even knowing what I'm doing	18:45
glebaron	All is good until I reboot the server. When it comes back up, in /dev/mapper/ all of the mpathxp#'s are missing.	18:45
glebaron	Then the only way I can get them back is to run partprobe /dev/mapper/mpathx.	18:46
ersi	alamar: All sound advice, for sure.	18:46
glebaron	I am thinking that a reboot should not cause it to loose the partition maps.	18:46
glebaron	*lose	18:46
kernelpanicker	alamar is 100% right	18:46
alamar	ersi: it's servers like that which are sending millions of spam mails before their admins EVEN NOTICE it	18:46
kernelpanicker	so, alamar, what are your top two ways of locking down your servers to prevent them from becoming spam farms, and I'll go google them to learn.	18:47
ersi	alamar: I was not saying that one should rush into deploying, without looking at the documentation or taking the 'simple' steps to make sure you won't get instablacklisted	18:47
kernelpanicker	or just one will get me going.	18:47
ersi	Always always authenticate users of your outgoing services	18:48
* kernelpanicker googles 'authenticating users of outgoing mail services'		18:48
ersi	"Outgoing authentication" is perhaps a better search term	18:50
kernelpanicker	ok	18:51
tarvid	if I have a string of nsupdate commands that appear to do what I want to do, where is the best place on the client to hook them?	18:55
alamar	set up dns properly (forward confirmed reverse dns), read up on spf (some server's will not accept mail without proper spf records for your domain), implement proper user authentication, provide ssl, use monitoring(munin/nagios), read the documentation for all used software components(postfix, dovecot, mailman and whatever your authentication backend will be)	18:55
alamar	think about using dnsbls/rbls	18:56
alamar	think about greylisting and/or whitelisting	18:56
alamar	and run ntpd to keep your time in synch if you not already do so	18:56
alamar	don't run any other unecessary services, keep up with the security updates for your distribution	18:57
alamar	think about using ratelimiting rules in your firewall, maybe use some mechanism like fail2ban to monitor/ban password/account cracking attempts	18:58
alamar	test your configuration (at least with http://www.abuse.net/relay.html ) if it can be abused as open relay	18:59
Daviey	soren: Around?	19:03
Daviey	I wanted to talk to you about greenlet.	19:04
soren	Shoot	19:04
Daviey	soren: So.. Firstly.. I had NFI it was monkey patching.. Really confused me why standalone code was working, but not inside openstack :)	19:06
Daviey	soren: secondly.. Do you know how to NONBLOCK ?	19:06
Daviey	This crappy snippet works with standard os, but not greenlet monkey patched: os.fdopen(os.open(fpath, os.O_RDONLY \| os.O_NONBLOCK))	19:07
Daviey	ie, it's blocking.	19:07
soren	Yh.	19:09
soren	Uh, even.	19:09
soren	Sorry, what are you trying to do?	19:09
koolhead17	RoAkSoAx: ping	19:09
Daviey	soren: so.. I want to open a char device.. so "cat foo" would hang forever as there is no EOF. It's like doing a tail -f.	19:11
soren	Daviey: Ok.	19:11
Daviey	I want to capture what is there, which is achieved with teh fugly snippet up there using standard os.	19:11
soren	Daviey: So you want it block.	19:11
Daviey	but the monkey patched os ignores the os.O_NONBLOCK	19:12
Daviey	no, i want it to NOT block	19:12
soren	Daviey: You're confused.	19:12
soren	Or you	19:12
Daviey	ah. I bet os.O_NONBLOCK = None in the monkey patched os.	19:12
soren	're making me confused.	19:12
Daviey	hold fire.. lemme check my theory.	19:12
soren	Daviey: You say: 'so "cat foo" would hang forever as there is no EOF.	19:13
Daviey	Yes.	19:13
soren	Daviey: That means it's blocking.	19:13
soren	Non nonblocking.	19:13
Daviey	yes, i want it to not block.	19:13
soren	Ok... Let's pretend I didn't hear anything but that, shall we?	19:13
soren	:)	19:13
Daviey	ok :)	19:14
soren	Specifically, I'll ignore all the confusing bits you said. :)	19:14
Daviey	I'm not sure what part confused.. :/	19:14
soren	WEll, if "cat foo" hangs forever... That means it's blocking.	19:14
Daviey	correct	19:14
soren	...but you say you want non-blocking.	19:14
soren	That's confusing.	19:14
soren	Or a REALLY bad example of what you want to do.	19:14
Daviey	I want to cat foo and for it to NOT block.	19:14
soren	Aha!	19:15
soren	Awesome.	19:15
soren	Ok.	19:15
soren	So..	19:15
soren	This is why I hate eventlet.	19:15
Daviey	my theory is that os.O_NONBLOCK is not implemented.	19:15
soren	You don't get to play with non-blocking I/O.	19:15
soren	It does it for you and you only get to pretend you're dealing with blocking I/O.	19:15
SpamapS	eventlet means that every event "blocks" but returns control to the event loop, right?	19:17
soren	So all your code ends up looking like it's using blocking I/O, but behind the scenes, eventlet does a buch of magic to make it non-blocking.	19:17
soren	Yes, the is easier for people who don't grok how to write proper async code, but it's really, really confusing if you do.	19:17
soren	SpamapS: That's essentially what ahppens behind the scenes, yes. Hidden away. Unless you go and look, you haven't a clue there's such a thing as an event loop.	19:18
soren	For better or worse.	19:18
Daviey	soren: both values of os.O_NONBLOCK == 2048.. So it gets deeper.. sigh	19:18
soren	Daviey: You need to stop making assumptions about anything.	19:19
soren	Daviey: Because eventlet probably monkey patched those assumptions to no longer be true.	19:19
Daviey	soren: Well i mean, 2048 is a value in both patched and pure os. However, the 'deeper' means it's not implemented within greenelt.	19:20
soren	Daviey: Do you have some code that demonstrates your problem that I can help you debug?	19:20
Daviey	soren: It would be easier for you to share my env tbh. Give me a few.	19:21
soren	Daviey: ok, cool.	19:21
Daviey	soren: ssh ubuntu@91.189.93.86 -t bash ; sudo -s ; screen -xr	19:24
Daviey	soren: The only window running vi is the one to grok	19:25
soren	Daviey: What are you trying to achieve again? Does the existing code not work?	19:29
soren	Daviey: I wonder how longs it's been since I wrote the Xen code. It's not entirely impossible it predates the eventletification.	19:30
Daviey	soren: sniffing bug 832507, and using a ring buffer, rather than a standard file.	19:31
uvirtbot	Launchpad bug 832507 in nova "console.log grows indefinitely" [Low,Confirmed] https://launchpad.net/bugs/832507	19:31
RoAkSoAx	koolhead17: pong	19:31
koolhead17	RoAkSoAx: do you have few minutes? i got few questions.	19:31
RoAkSoAx	koolhead17: sure	19:32
Daviey	soren: so get consolelog blocks using standard os read() as it doesn't EOF	19:32
koolhead17	cool	19:32
soren	Daviey: ...for Xen.	19:32
Daviey	soren: I'm only testing against kvm/qemu atm	19:32
soren	Daviey: That doesn't make any sense.	19:33
soren	Daviey: kvm logs directly to a file.	19:33
soren	Daviey: A plain file. It absolutely EOF's.	19:33
Daviey	soren: which is the roblem.	19:33
Daviey	problem.	19:33
soren	I understand that that is the problem outlined in the bug.	19:33
Daviey	20:31 < Daviey> soren: sniffing bug 832507, and using a ring buffer, rather than a standard file.	19:33
uvirtbot	Launchpad bug 832507 in nova "console.log grows indefinitely" [Low,Confirmed] https://launchpad.net/bugs/832507	19:33
soren	Ok, you've lost me somewhere.	19:34
soren	kvm logs to a file.	19:34
soren	This file can grow indefinitly, which is really bad.	19:34
soren	Now, where does the need for non-blocking I/O come into the picture?	19:34
Daviey	soren: Yes, which is why i am sniffing using a ringbuffer char device, rather than a plain test file.	19:34
Daviey	text file*	19:35
soren	A.... ringbuffer char device?	19:35
soren	Enlighten me please.	19:35
Daviey	soren: emlog	19:35
Daviey	soren: http://www.circlemud.org/jelson/software/emlog/	19:35
koolhead17	RoAkSoAx: 1. i am using cobbler system for adding a specific system and i have defined it to acquire static IP in th preseed like this http://pastebin.com/Mw7UiVNB but its failing.	19:36
Daviey	soren: WIP - http://paste.ubuntu.com/677426/	19:36
soren	Daviey: Oh, and it doesn't only support Linux 2.2. It supports Linux 2.4, too!	19:37
soren	Oh, wait.	19:37
RoAkSoAx	koolhead17: what's failing?	19:37
Daviey	soren: I'm actually using a fork :)	19:38
koolhead17	netcfg/choose_interface=eth1 as additional kopts	19:38
koolhead17	RoAkSoAx: it fails to assign this static IP after reboot, rather i would say it just takes DHCP ip for installing the whole system :(	19:38
koolhead17	am trying to provision Oneiric :D	19:39
Daviey	soren: BTW, if you have a better idea.. i'm all ears :)	19:39
RoAkSoAx	koolhead17: right, so on installation it doesn't use the values you passed on the preseed but rather it used DHCP?	19:39
koolhead17	RoAkSoAx: yes	19:39
RoAkSoAx	koolhead17: so when you reboot, it does not have the network values you have specified	19:39
koolhead17	yes	19:39
RoAkSoAx	koolhead17: that might be a problem of the installer, ping cjwatson	19:40
RoAkSoAx	koolhead17: other thing you can do, is enable DHCP on cobbler, and set the values for the system, so you configure your network to obtain DHCP from the cobbler server	19:40
koolhead17	RoAkSoAx: yeah i tried that as well, inside cobbler system options, even it fails	19:41
* koolhead17 pokes cjwatson:		19:41
RoAkSoAx	koolhead17: it shouldn;t fail, I have it working	19:41
Daviey	soren: So that patch does work, when using the standard os for read()'ing the file.	19:41
RoAkSoAx	koolhead17: I'd recommend you use dnsmasq	19:42
RoAkSoAx	sudo vim /etc/cobbler/modules.conf and enable DHCP	19:42
RoAkSoAx	for dnsmasq	19:42
RoAkSoAx	and then in /etc/cobbler/settings	19:42
RoAkSoAx	koolhead17: then on a system add an interface with MAC, IP address etc	19:42
koolhead17	RoAkSoAx: i have currently dhcp server whose configuration file is fetched via cobbler only.	19:43
koolhead17	also if i have a configuration in my profile and am using that with my system, will cobbler overwrite the parameters of that profile for my syste?	19:44
koolhead17	*system	19:44
koolhead17	RoAkSoAx: am going to remove this configuration from my preseed and add everything in systems file as you suggested.	19:45
Daviey	soren: I don't think it can be piped to rotatelog. The other option is logrotate, but that will react too slowly. ISTM that this is a cleaner solution.	19:45
RoAkSoAx	koolhead17: the way how we are doing it in orchestra is enable dhcp on the cobbler server and add systems with the information we want the dchp server to provide	19:45
Daviey	(Being a non-standard kernel module, would need to be opt-in)	19:46
soren	Daviey: I don't know.. A kernel space solution seems wonky to me.	19:46
koolhead17	RoAkSoAx: ooh, you mean hard coding approach, everything handled by the DHCP server, as we often do in practise with print server in network?	19:46
RoAkSoAx	koolhead17: right, but when iun a cobbler system you add the information for the network for that particular system, then cobbler handless DHCP automatically	19:47
Daviey	soren: Other ideas?	19:48
zul	gah	19:48
Daviey	soren: The only other thing i can think of is polling the serial port.. ?	19:49
soren	Daviey: Why don't you think rotatelogs will work?	19:49
Daviey	soren: Can kvm et al pipe it's output?	19:49
koolhead17	RoAkSoAx: yes i will add ip/subnet/gateway in my systems for particular provision and at same time write the same in dhcp.conf (populated by cobbler) right?	19:49
soren	Daviey: named pipe?	19:49
Daviey	soren: So i looked at a FIFO first, but you can't limit the size?	19:50
Daviey	and FIFO would block, unless it has something cat'ing it	19:50
soren	Daviey: If we were to poll the serial port.. How would that work? I hope kvm wouldn't block waiting for us to read from its serial port buffer.	19:50
Daviey	soren: Honestly, i don't know.. But i did look at using a FIFO first.. but that seems to have the same problems.	19:50
soren	Daviey: Yeah, that's a fair point. killing rotatelogs would hang kvm => suck.	19:51
RoAkSoAx	koolhead17: yes	19:51
RoAkSoAx	koolhead17: though, bye default in orchestra we are using dnsmasq	19:51
Daviey	soren: This emlog is essentially a fifo which is a ringbuffer.	19:51
soren	erk.	19:51
soren	rotatelogs isn't the way to go.	19:51
soren	I forgot its semantics.	19:51
uvirtbot	New bug: #832507 in nova "console.log grows indefinitely" [High,Confirmed] https://launchpad.net/bugs/832507	19:52
Daviey	soren: There is a userspace (perl) fifo ringer implementation, but that seemed much dirtier.	19:52
soren	Daviey: Have you heard of vbuf?	19:52
soren	(I hadn't)	19:52
soren	Uses libvrb (which I also hadn't heard of)	19:53
Daviey	soren: isn't that a circular char device?	19:53
Daviey	as in, when it reaches the bottom it writes to the top?	19:53
soren	I'll know in a few minutes. :)	19:53
Daviey	heh, i've not used vbuf TBH.. but that was my memory.	19:55
soren	At any rate, this isn't hard to solve entirely in userspace with a separate helper.	19:55
soren	If we just want to solve our own problem, that is.	19:55
soren	If we want to write a general-purpose ring-buffer thingamajig I imagine it'll get hairier quickly.	19:56
soren	but..	19:56
soren	Hm.	19:56
Daviey	well it's crazy we don't have something like this in stock kernel TBH.	19:56
Daviey	soren: Looking at the man page for vbuf - looks like it would need a named pipe to use as input.. meaning you can still own the server.	19:57
Daviey	p0wn? Wow, i struggle to keep up with the language.	19:58
soren	Daviey: Let me see what libvirt can do..	20:00
Daviey	soren: tcp could work, that would mean it would need a listener to suck it in.	20:04
Daviey	Hmm, unix socket would be cleaner and easier to track i suppose.	20:05
soren	Daviey: Trying to work out how kvm would respond to a named pipe whose consumer went away.	20:09
Daviey	soren: normally the consumer going away kills the push?	20:10
Daviey	as in, when i tried this with cat /dev/random > fifo & ; cat fifo ; sleep 10s ; kill second cat, kills the first cat.	20:11
soren	Yeah.	20:11
RoAkSoAx	smoser: http://pastebin.ubuntu.com/677445/	20:14
RoAkSoAx	smoser: is the PPA stuff fixed?	20:14
Daviey	RoAkSoAx: is that because the node doesn't have access to the keyserver?	20:15
smoser	well that i just an update there.	20:15
smoser	try re-running that command on the instance and see what happends	20:15
RoAkSoAx	Daviey: that, but there was a recent change with python-software-properties that broke cloud-init too	20:15
RoAkSoAx	smoser: but the stuff of importing PPA's is fixed?	20:16
smoser	RoAkSoAx, it should have been.	20:19
RoAkSoAx	smoser: ok cool thanks	20:24
* RoAkSoAx will be back in half an hour		20:24
=== himcesjf1 is now known as himcesjf
glebaron	I have a question about ubuntu 10.04 server with multipath drive arrays attached. http://paste.ubuntu.com/677378/ is my multipath listing. http://paste.ubuntu.com/677380/ is my ls -al from /dev/mapper/	20:30
glebaron	All is good until I reboot the server. When it comes back up, in /dev/mapper/ all of the mpathxp1's are missing.	20:30
glebaron	Then the only way I can get them back is to run partprobe /dev/mapper/mpathx.	20:30
glebaron	I am thinking that a reboot should not cause it to lose the partition maps.	20:30
ppetraki	glebaron, so what's your /etc/multipath.conf look like?	20:33
glebaron	ppetraki: http://paste.ubuntu.com/677457/	20:34
ppetraki	glebaron, have you rebuilt your initramfs since creating this file?	20:37
ppetraki	glebaron, is multipath-tools-boot also installed?	20:37
elz89	Just wondered, is there something similar to "fpaste" in Fedora?	20:39
Daviey	soren: cracked it!	20:40
soren	Daviey: Cool!	20:40
ppetraki	glebaron, two nits with your config file, 1) blacklisting sda isn't deterministic, you can blacklist by make/model instead	20:40
Daviey	i'm not saying it is the best solution, but at least an option.	20:40
ppetraki	glebaron, 2) change product "VTrak" => product "VTrak.*"	20:41
ppetraki	glebaron, don't want to be the victim of some regexp ambiguity, even though it's working now	20:42
glebaron	ppetraki: thanks for tips.	20:42
glebaron	I am not only one working on this server, so I will answer to the best of my knowledge.	20:42
ppetraki	glebaron, if you have -boot installed, multipath is run in the initramfs, against the config file, which should create all your maps	20:42
ppetraki	glebaron, np	20:42
ppetraki	glebaron, if you're not booting from SAN and these maps aren't being created, that's an interesting problem	20:43
glebaron	ppetraki: -boot is installed and intramfs has been updated recently.	20:43
yakster	hello everybody! anyone here know how to make apache case insensitive…	20:43
glebaron	ppetraki: but we are booting from local disk and not san.	20:44
yakster	say www.GOOGLE.com or GoOGle.com will redirect to a local page like www.Google.com btw, this is the when listing for external web request	20:44
yakster	I hope that I explained that correctly..	20:45
ppetraki	glebaron, so those udev rules should have been run when the block devices were added initially.	20:45
ppetraki	glebaron, something went wrong	20:45
ppetraki	glebaron, you should be able to run 'multipath -v0' to create new paths. For example, multipath -F, will clear all unused paths, and multipath -v0 should recreate them	20:46
ppetraki	glebaron, what version of ubuntu is this?	20:47
glebaron	ppetraki: 10.04 Server 64-bit	20:47
yakster	anyone know how to make apache case insensitive?	20:49
TheEvilPhoenix	yakster: it inherits the restrictions of Linux	20:50
koolhead17	RoAkSoAx: not tried dnsmasq before, currently working on some automation. will read up on it.	20:50
TheEvilPhoenix	Linux is case sensitive	20:50
yakster	correct…	20:50
TheEvilPhoenix	yakster: therefore, Apache is case sensitive	20:50
yakster	I understand that….	20:50
TheEvilPhoenix	there's no real method to change that	20:50
soren	Err..	20:50
soren	there is.	20:50
soren	http://httpd.apache.org/docs/current/mod/mod_speling.html	20:51
glebaron	ppetraki: thanks so much for input. Things already looking a lot better.	20:51
yakster	but say I have a webpage, and the what that it was posted is…. http://MySite.dyndns.info/Welcome.html and my dad, being the super smart guy he is, just types in http://mysite.dyndns.info/WELCOME.HTML he is going to get a 404 error, page not found…	20:51
TheEvilPhoenix	soren: orly? checks	20:51
TheEvilPhoenix	soren: is it in the repos?	20:51
ppetraki	glebaron, here's an example of make/model blacklisting: http://lists.alioth.debian.org/pipermail/pkg-lvm-maintainers/2010-May/002910.html	20:52
ppetraki	glebaron, lsscsi is your friend	20:52
glebaron	ppetraki: Will have to wait for a day or so to reboot and see if it's fixed for good.	20:52
ppetraki	glebaron, I understand, what interconnect are you using? SAS?	20:52
yakster	ok, that is great if I have an illiterate person accessing my site, but not for one who likes to type in proper case text.	20:53
koolhead17	soren: ping	20:54
soren	TheEvilPhoenix: Sure.	20:54
koolhead17	RoAkSoAx: thanks. i will update you about development tomorrow. :)	20:54
soren	TheEvilPhoenix: in apache2.2-bin, even.	20:54
smoser	RoAkSoAx, http://paste.ubuntu.com/677474/	20:54
soren	koolhead17: What's up?	20:54
smoser	that is output of an oneiirci instance with cloud-config from http://paste.ubuntu.com/677475/	20:55
=== mrmist is now known as evilmrmist
smoser	so it seems its working to me.	20:55
glebaron	ppetraki, I do not know about interconnect. Promise unit is SATA disks direct connected via fiber. I inherited it already hooked up. Is there an easy way to find out?	20:55
hallyn	jdstrand: hi - in the qrt, the libvirt testsuite help starts with	20:56
hallyn	USAGE: * DEPRECATED *	20:56
ppetraki	glebaron, yeah, its SAS, it can support either, I looked it up	20:56
hallyn	I don't understnad. what is deprecated?	20:56
yakster	ok, how do i enable that mod spelling	20:56
koolhead17	soren: doing great. need your mail id. working on jenkins/open stack automation might need your help on that.	20:56
TheEvilPhoenix	soren: how do i activate that module?	20:56
jdstrand	hallyn: let me look	20:57
soren	TheEvilPhoenix: sudo a2enmod speling, presumably.	20:58
soren	koolhead17: soren@openstack.org	20:58
koolhead17	soren: thanks :D	20:58
jdstrand	hallyn: can you paste with the command?	20:58
jdstrand	soren: dude!	20:59
ppetraki	glebaron, make sure you update the initramfs to reflect your new changes before you reboot. If you continue to have problems we'll have to dig into debugging starting with why the udev rules didn't have the desired impact	20:59
* koolhead17 needs to dig deep inside jenkins now :D		20:59
hallyn	jdstrand: doh! I was looking at the libvirt-aa-secdriver.sh	21:00
hallyn	Recon I don't need to be running that by hand :)	21:00
jdstrand	hallyn: oh yes, don't use that :)	21:00
soren	jdstrand: Dude, indeed!	21:00
glebaron	ppetraki, thanks. I am already understanding much better. I will update initramfs and reboot soon. If that doesn't work, I will be back with more questions!	21:01
ppetraki	glebaron, :)	21:01
jdstrand	hallyn: that has all be converted over anyway to test-libvirt.py anyway	21:01
yakster	nope that didn't work…	21:01
jdstrand	soren: :)	21:01
yakster	just tried it, and it dosent even remotely work..	21:05
yakster	hello?	21:06
yakster	quiet all the sudden	21:08
Daviey	hallyn: nice fix on the qemu-kvm package.	21:13
Daviey	hallyn: FYI qemu-kvm 0.15 final just hit experimental.	21:16
Daviey	smoser: BTW, i had a kernel panic rebooting an instance earlier.	21:18
=== evilmrmist is now known as netralmrmist
=== netralmrmist is now known as neutralmrmist
Daviey	smoser: It might have been my fault, but mentioning it JIC http://pb.daviey.com/KKOF/	21:19
hallyn	Daviey: on qemu-kvm 0.15... anything more i can do to help that along?	21:33
=== neutralmrmist is now known as mrmist
Daviey	hallyn: I think we really need to open that issue post b1.	21:42
Daviey	I really don't want to screw b1 if it turns ut bad.	21:43
Daviey	out*	21:43
hallyn	Daviey: ok	21:48
CluelessPerson	hey	22:12
CluelessPerson	for some reason samba suddenly stopped working	22:12
CluelessPerson	my server still shows up on the network	22:13
CluelessPerson	but when I try to connect from my windows netbook, it tells me there's no anser/connection	22:13
=== Robinux is now known as sw0rdfish
Daviey	Who wants to earn a gold star?	22:29
Daviey	Someone fixing bug #837049 would make me very happy!	22:30
uvirtbot	Launchpad bug 837049 in php5 "php5 FTBFS (amd64 only)" [High,Confirmed] https://launchpad.net/bugs/837049	22:30
arrrghhh	hey all	22:42
arrrghhh	i want to secure my server with ssh key auth instead of password auth	22:43
uvirtbot	New bug: #837049 in php5 (main) "php5 FTBFS (amd64 only)" [High,Confirmed] https://launchpad.net/bugs/837049	22:43
arrrghhh	my only issue is adding all of the machines i need before disabling password auth - should i just reuse the same key for all machines? what do i do for mixed environments? some of the machines accessing the server are linux, some are windows....	22:43
glebaron	arrrghhh: it's a per-user thing. Each user has their own private key on their machine, and their public key is installed on their servers in user accounts that you want them to have access to.	22:45
glebaron	your servers	22:45
arrrghhh	yes	22:46
arrrghhh	well this is one server	22:46
arrrghhh	and i am always the client machine	22:46
arrrghhh	but i have many clients	22:46
arrrghhh	cell phone, work PC, home laptop (win&lin)	22:46
arrrghhh	then i run into the issue of "other machines"	22:46
glebaron	the private key has to be on each of those.	22:46
arrrghhh	i rarely need to access my server from other machines, but what do i do when i run into a client that isn't setup?	22:46
arrrghhh	ok so you'd recommend i get all the keys setup, then disable pass-based auth?	22:47
glebaron	just copy the private key to that machine.	22:47
glebaron	yes.	22:47
arrrghhh	ok	22:47
arrrghhh	i guess copying the private key seems difficult across platforms	22:47
arrrghhh	private keys for putty don't seem compatible with linux and visa-versa... no?	22:47
glebaron	they work.	22:47
glebaron	It's not optimal.	22:48
arrrghhh	i remember them not working. or perhaps i didn't know how to get it to work?	22:48
arrrghhh	ok	22:48
arrrghhh	so i should have a ppk for putty for windows clients, and another key for linux perhaps?	22:48
glebaron	yes.	22:48
glebaron	we have windows users using putty ppk on their windows machines	22:49
glebaron	and connecting to linux servers.	22:49
glebaron	and we have linux/mac users using regular ssh keys.	22:49
glebaron	but we don	22:49
glebaron	t	22:49
glebaron	normally put putty keys on any client other than windows.	22:50
arrrghhh	ah	22:50
arrrghhh	ok	22:50
arrrghhh	i think that was my problem	22:50
arrrghhh	last time i was trying to have one key for all clients	22:50
arrrghhh	and i ran into issues trying to get putty to work with linux priv key, or visa-versa.	22:51
arrrghhh	thanks	22:51
glebaron	:)	22:51
arrrghhh	crap glebaron left.	23:23
arrrghhh	how do i transfer the client key to the host from Windows/putty...?	23:24
arrrghhh	crap	23:30
qman__	ssh-copy-id makes it easy on linux, but it's as simple as putting the public key into ~/.ssh/authorized_keys on the server	23:37
qman__	just ssh in, edit that file, and copy/paste	23:38
qman__	arrrghhh, ^	23:38
arrrghhh	oh	23:38
arrrghhh	ok	23:38
arrrghhh	qman__, i don't have an authorized_keys file in .ssh...	23:39
arrrghhh	would it be in /etc?	23:39
qman__	no	23:39
qman__	the file doesn't exist until at least one key is put there	23:39
qman__	create it	23:39
arrrghhh	heh	23:39
arrrghhh	ok	23:39
qman__	the permissions also have to be right	23:40
qman__	600 IIRC	23:40
arrrghhh	700 actually i think	23:40
qman__	600 on mine	23:40
arrrghhh	hrm	23:40
qman__	700 would be executable	23:40
qman__	no need to execute keys	23:40
arrrghhh	yea that's true.	23:40
arrrghhh	ubuntu guide said 700	23:40
qman__	folder should be 700	23:40
qman__	file should be 600	23:40
arrrghhh	oic	23:40
arrrghhh	makes sense	23:41
arrrghhh	so i can just take the ppk file	23:41
arrrghhh	and paste the "private-lines" into an authorized_key file..?	23:41
qman__	no	23:42
qman__	public key	23:42
qman__	not the private key	23:42
arrrghhh	ah right	23:42
arrrghhh	private key is client only	23:42
qman__	private key goes to the connecting client	23:42
arrrghhh	server refused our key	23:43
arrrghhh	heh	23:44
=== medberry is now known as med_out
arrrghhh	all i did was paste the public key in	23:44
arrrghhh	and took all the end keys out	23:44
arrrghhh	so it's one long line...	23:44
qman__	that's correct	23:44
arrrghhh	hrm	23:44
qman__	each public key you want to allow connections from, goes on one line in the file	23:44
arrrghhh	ok	23:45
arrrghhh	anything else on that line?	23:45
qman__	nope	23:45
arrrghhh	just the jibberish that involves the public key?	23:45
arrrghhh	hum	23:45
arrrghhh	why would the server refuse my key then?	23:45
qman__	like this	23:45
arrrghhh	oh key based auth might not be enabled.	23:45
qman__	ssh-rsa AAAAB....8= ryan@amdk6	23:45
arrrghhh	oh	23:45
arrrghhh	i didn't have the ssh-rsa	23:46
arrrghhh	or the machine @ the end	23:46
qman__	ssh-rsa at the front, description at the back	23:46
qman__	it can be anything, mine happens to be user@host	23:46
arrrghhh	ah, and my authorized_keys is in /etc for some reason.	23:46
qman__	yes, but that's machine wide	23:46
arrrghhh	hrm	23:46
arrrghhh	ok	23:46
qman__	I assume you don't want to allow connections as any user on the machine from your key	23:46
arrrghhh	no	23:46
arrrghhh	i only have this one user, but still no :P	23:47
qman__	a default install has over 20 users	23:47
arrrghhh	yea	23:47
arrrghhh	well	23:47
arrrghhh	i've only created one user	23:47
arrrghhh	so what do i put in for the machine @ the end	23:48
arrrghhh	doesn't matter?	23:48
arrrghhh	cuz it's still rejecting my key.	23:48
qman__	can be anything, it's just a description field	23:48
arrrghhh	so why else would the server refuse my key?	23:49
qman__	plenty of possible reasons	23:50
arrrghhh	heh	23:50
qman__	I'd check /var/log/auth.log	23:50
arrrghhh	k	23:50
qman__	see if it says why	23:50
arrrghhh	i see accepted passwords	23:51
arrrghhh	but no 'rejections' or anything similar from sshd	23:51
arrrghhh	how can i tell that it's pulling from this authorized_keys file...?	23:52
arrrghhh	ah	23:54
arrrghhh	it is pulling from /etc/.ssh/authorized_keys	23:54
arrrghhh	so should i change that in the sshd_config...?	23:54
qman__	looks like your home directory isn't set up right	23:54
qman__	what does cd ~ do?	23:54
arrrghhh	puts me at the user@nas:~$ prompt	23:55
qman__	pwd	23:55
qman__	there	23:55
arrrghhh	/home/user	23:55
qman__	did you set encrypted home directories?	23:55
arrrghhh	nope	23:55
qman__	and the file you created is /home/user/.ssh/authorized_keys	23:56
arrrghhh	yes	23:56
qman__	and /home/user/.ssh is chmod 700	23:56
qman__	and /home/user/.ssh/authorized_keys is chmod 600	23:56
arrrghhh	drwx------ 2 user user 4096 2011-08-29 17:42 .ssh	23:56
arrrghhh	er i don't think auth_keys is 600 hold on	23:57
arrrghhh	k it's 600 now	23:58
arrrghhh	and i still get server refused our key	23:58
arrrghhh	(i removed the /etc/.ssh directory)	23:58
arrrghhh	so this line	23:58
arrrghhh	AuthorizedKeysFile /etc/.ssh/authorized_keys	23:58
arrrghhh	in my sshd_config	23:58
arrrghhh	doesn't matter..?	23:58
arrrghhh	i shouldn't change that?	23:58
qman__	mine doesn't have that line	23:59
qman__	try commenting it out and restarting sshd	23:59
arrrghhh	k	23:59
arrrghhh	lol	23:59
arrrghhh	i recall vaguely doing that. i wish i knew why.	23:59

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!