/srv/irclogs.ubuntu.com/2011/08/29/#ubuntu-server.txt

ejathi .. i do the release upgrade on ec2 .. from maverick to natty then i get this00:16
ejathttp://paste.ubuntu.com/676897/00:17
ejatis it ok for me to reboot or need to fix it 1st then reboot00:17
Doonzhey guys anyone have experince with smal storage solutions?01:15
jcastrojamespage: Does the etherpad-lite formula work? I just gave it a try.01:29
jcastroit listens on port 9001 iirc?01:29
patdk-lapsmal?01:33
Doonzsmall*01:37
jmarsdenDoonz: Please try to be much more specific about what you are asking.  A microSD card is a "small storage solution", and I have one of those -- but I don't think that is what you mean... is it?02:08
Doonzwell lets see. Ok Im trying to build a media storage set up for home around the 100tb mark. I currently run 25tb btu what im finding is my sever is getting to taxed and performance is suffering. So i have thought of breaking the one large system into multiple systems02:11
Doonzi just dont understand alot of the terms02:12
Doonzand im not sure which way i should go without spending a billion bux02:12
=== DarkwingDuck_ is now known as DarkwingDuck
=== lickalott_ is now known as lickalott
=== smb` is now known as smb
trapmaxAny idea how to get rid of "File descriptor 15 (socket:[6111]) leaked on lvremove invocation." messages?07:39
van7huhowdy07:49
van7huhow could I know if my kernel was compiled with netfilter support?07:50
ayambitvan7hu: try to add iptables rule?07:59
van7hu.e.g iptables ... etc?07:59
van7huby the mean of ubuntu, is it default?07:59
ayambitvan7hu: yes, iptables. It is enabled by default (of course) in ubuntu.08:00
van7hubut netfilter?08:00
ayambitiptables needs netfilter, so if your iptables rule will work, netfilter is available.08:02
ayambitAnd it is in ubuntu-server by default.08:02
van7huokay, thank you08:04
=== masACC is now known as maswan
uvirtbot`New bug: #634102 in cloud-init (main) "t1.micro EC2 instances hang on reboot" [High,Fix released] https://launchpad.net/bugs/63410208:37
=== uvirtbot` is now known as uvirtbot
=== himcesjf1 is now known as himcesjf
igcekhello, what would be the best way to have multiple web servers on one static ip08:55
igcekdifferent machines with for. ex.08:56
igcekubuntu server installed on them08:56
ersiigcek: Utilise different ports for the different daemons08:57
ersiOr have some reverse proxy magic on :80 and the other web daemons on other ports and rewrite the requests08:58
ersiigcek: Why several different web servers on the same IP though? Or do you just want to serve different domains/sites on the same web server?08:59
igceki have production server and a server production to be... so they all have to be seperated and on port 80.09:00
igcekwould it work if i just like redirected domain to ip with port and then do a port forwarding? ip:xx.xx.xx.xx:23409:01
ersiigcek: You have one serving the 'production site' and one for testing?09:02
igceknow i have one serving the production site, and it probably is not a good idea to put next to it a testing web page. but overall idea is to have for every company physicly different server09:05
igcekvirtualisation09:05
ersiigcek: Yeah, okay - I understand that. But why have it on the same IP?09:20
ersiAnd the same port..09:20
igcekthey would all be web servers. (port 80) i only have one static ip. (worldwide)09:21
linociscoI want to make ubuntu mail server for windows clients. THat mail server would be for communicating one PC to another if internet is offline. I would like to know where I can find reference link.09:24
ersiigcek: Why is changing IP not feaseble? Like using :8080 for the test machine09:26
ersiigcek: I meant port, not IP09:26
igceki would like to have transition as painless as can be09:28
linociscoI keep seeking on youtube. all are with non-english version. and with GUI desktop. I want to see english version configuration on CLI only pure ubuntu server .09:28
ersilinocisco: Usually you will need no further configuration than setting up the mail accounts on the same domain and serve that domain from That mail server09:29
ersilinocisco: As in user@companyA.com will be able to mail collueage@companyA.com even if other networks are unreachable09:30
linociscoersi: Yes. I did choosing internet site.09:30
ersiAnd?09:30
linociscoersi:  I would like to know how to create users and how to configure accounts on windows mail clients like outlook or thuderbird09:31
linociscoersi:  I tried telnet localhost 25 . it was fine09:31
ersiDepends on configuration.. usually the default is to use whatever accounts are on the machine. ie local users (root, linocisco, etc in /etc/passwd)09:31
ersi25? Have you only configured SMTP?09:32
linociscoersi: as I have no extra computer. I am to setup my ubuntu text base server on VM and client is my widnows 7 on celeron Toshiba Laptop09:32
ersiUm >_> Hm09:32
linociscoersi: I have only one default account since creation. I have not setup DNS server or BIND config on that.09:33
ersiWell, you don't really need that for a functional mail service.. What you need is something like postfix to handle incoming mail, and whatever you're using now for SMTP/shuffling outgoing mail09:34
ersiI usually just use postfix and dovecot together09:34
ersiThere's like, endless amounts of documentation of both softwares (in English).. They can be a bit tricky to get to work if it's the first time though09:35
ersilinocisco: Maybe this can be of service to you? https://help.ubuntu.com/10.04/serverguide/C/email-services.html09:36
uvirtbotNew bug: #836544 in mysql-dfsg-5.1 (main) "package libmysqlclient16 (not installed) failed to install/upgrade: trying to overwrite '/usr/lib/libmysqlclient.so.16.0.0', which is also in package mysql-cluster-client-5.1 0:7.0.9-1ubuntu7" [Undecided,New] https://launchpad.net/bugs/83654409:36
linociscoersi: The worst thing is I have no internet with my ubuntu server. When I installed mail server, I did using CD installer during installation. I selected [Mail server]. I dont know how to install dovecot without internet. Even with CDrom, I dont know how to  , after installaton.09:40
DavieyWho is in the mood for some bug triage?  Yeah!09:41
ersilinocisco: Heh, oh yeah.. Hm, that always makes stuff a lot more... interesting.09:43
linociscoersi: does server installer include dovecot or Not ?09:44
ersilinocisco: I don't know, I'm spoiled with always-internet :|09:44
linociscoersi: that sucks. our country has expensive internet09:45
linociscoDoes anybody know how to build email server for windows clients using ubuntu server installer CD only ?09:50
linociscois there any ubuntu server training video except the one by Michael Jang which is just in brief ?10:02
EriksLVhi10:04
EriksLVany recommendations for raid5 controller that works with ubuntu server?10:04
linociscoEriksLV: hardware raid or software raid ? hardware RAID is better10:05
EriksLVhardware raid10:05
linociscoEriksLV: I would recommend ASUS motherboards10:06
EriksLVasus10:06
EriksLVfor a server?10:07
EriksLVa joke?10:07
EriksLVI need PCIE RAID controller10:07
patdk-lapwhat kind of drives are going be used?10:10
EriksLV4xWD RE4 1TB SATA2 3.5" 7200RPM 64MB10:17
EriksLVpart number: WD1003FBYX10:18
EriksLVany recommendations patdk-lap?10:19
* soren doesn't care much for hardware raid10:21
Guybrush_Thi guys! i want to use a mra to get all the mails from my different mail accs and forward them to a specific imap folder - i heard from fetchmail and getmail and also that they are not that geat pieces of software. anyone has a better idea?11:08
=== TRKDK is now known as TRK
memoryleakI'm trying to use a bash variable in a sed expression - how could I make this work:  sed 's/__USER__/${USERNAME}/g' template.conf12:09
EriksLVmaybe escape dollar sign...12:17
EriksLVjust a guess12:17
trapmaxor "'$USER'"12:17
Ursinhamorning12:39
DavieyUrsinha: o/12:48
zulhi Ursinha12:48
DavieyToday is a national holiday :/12:49
Davieyzul: Stuff which concerns us on, http://people.ubuntu.com/~davewalker/component-mismatches-mir-track.html - can you check we need them, and raise a MIR if we do?12:50
Daviey-carrot will be required for nova after all.12:50
Daviey-dingus and -anyjson not looked at12:50
zulkombu is not going to work?12:50
Daviey-stompy needs body in the MIR12:50
Davieyzul: nah, it turned out to be too heavy to replace this late in openstacks cycle.12:50
zulDaviey: i was going to make a joke about it but good thing for the delete key12:51
Davieyheh12:52
ersiWhat's a "MIR"?13:10
jcastroMain inclusion report: https://wiki.ubuntu.com/MainInclusionProcess13:10
Davieykees: Would you be able to look at the kombu MIR please? :)13:20
sorenDaviey: If we're stuck on -carrot, why do we need kombu?13:28
zulsoren: glance uses it13:39
linociscohi13:57
linociscohow to setup ubuntu mail server to be used by microsoft outlook ?13:58
patdk-wkwhat exactly is, ubuntu mail server?14:01
patdk-wka postfix/dovecot install?14:01
=== DrNick___ is now known as DrNick__
uvirtbotNew bug: #836728 in krb5 (main) "package libkadm5clnt-mit7 1.8.3 dfsg-5ubuntu2.1 failed to install/upgrade: error writing to '<standard output>': Success" [Undecided,New] https://launchpad.net/bugs/83672814:26
=== himcesjf1 is now known as himcesjf
sorenzul: Ah.15:32
laserbledHi, I have logged into 10.10 64 bit through ssh - I installed xorg-xserver - but I cant startx - please tell me what to do to get to the x environment15:56
=== med_out is now known as medberry
elz89How can I configure slapd daemon to listen on only one of the network interfaces?16:59
bkerensaelz89: Have you checked the slapd.conf ?17:01
elz89bkerensa: no only /etc/ldap/ldap.conf I shall check slapd.conf now.17:02
bkerensaelz89: Yeah I would check it and see if it allows you to define listening17:03
elz89bkerensa: all I can find is /usr/share/slapd/slapd.conf and no mention in there of interface.17:05
bkerensaodd17:05
bkerensaelz89: Here http://www.openldap.org/doc/admin24/security.html17:06
elz89bkerensa: I have that page already, and it does not mention how it is done on ubuntu server in a config file.17:07
elz89Or does it mean if I start it once with specified interface it will remember that in config file for next start?17:07
bkerensaperhaps17:08
bkerensalet me dig a little more17:08
elz89OK thank you :-)17:08
elz89I'm happy to be given things to read as well.17:09
bkerensaelz89: I looked pretty good and it doesnt seem like there is any info in man or on google to do selective listening17:10
bkerensa=o17:10
elz89bkerensa: Yeah I had a good google :-P or so I thought.17:11
bkerensaelz89: Have you considered asking a OpenLDAP dev?17:11
pmatuliselz89: see /etc/default/slapd17:19
bkerensaelz89: Did pmatulis help you out?17:23
kernelpanickerfeel free to suggest the right channel... but where does bind9 store it's DNS cache?17:25
bkerensakernelpanicker: I think its stored in memory unless you specific it to backup elsewhere17:27
bkerensakernelpanicker: Check /var/tmp17:27
uvirtbotNew bug: #836849 in samba (main) "Samba starts before static IPs set in network manager" [Undecided,New] https://launchpad.net/bugs/83684917:29
noeccI've compiled git from source, aptitude install puppet wants to install git-core{a}.  How can I proceed without installing git-core{a}?17:33
bkerensanoecc: Perhaps remove git then apt get install git && puppet17:56
noeccbkerensa: yes except I prefer the latest git from source.17:58
bkerensahmm ok does the latest git have a .deb?17:59
genii-aroundnoecc: Maybe set APT::Install-Recommends and APT::Install-Suggests both to zero17:59
bkerensagenii-around: +1 I totally didnt think of that18:00
uvirtbotNew bug: #836875 in bacula (main) "package bacula-director-mysql 5.0.3-1ubuntu5 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/83687518:01
elz89pmatulis, bkerensa, : nothing in that file either :-(18:02
bkerensaelz89: OpenLDAP devs maybe ask them thats what I would do :D18:02
bkerensaelz89: If you find out how ping me and I will make a How-To for others18:03
pmatuliselz89: this doesn't give you a hint:18:05
pmatulis# Example usage:18:05
pmatulis# SLAPD_SERVICES="ldap://127.0.0.1:389/ ldaps:/// ldapi:///"18:05
Davieysoren: glance needs kombu18:05
DavieyAh, zul already answered you18:06
Davieysoren: infact, glance D4 is blocked in unapporved pending MIR kombu MIR.18:06
elz89pmatulis: Thank You18:09
uvirtbotNew bug: #836889 in bacula (main) "package bacula-director-mysql (not installed) failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/83688918:21
kernelpanickerI'm setting up postfix on ubuntu 10.04; how do I hold mail for users in such a way that they can't log into the system via, say, SSH?18:28
alamarby not giving them a valid shell for example?18:34
alamaror by using non-system user mail accounts18:34
TheEvilPhoenix^18:35
kernelpanickerwell... I'm creating a VPS to handle the mail and lists for an existing server.  I'll have some mail coming in for some regular users, and the rest will be list traffic.18:36
kernelpanickerI'm unclear on where the mail will be 'held' for the list members, and how to deal with the 'regular' mail users...18:37
alamarkernelpanicker: mail will not be held for mailinglist users18:37
kernelpanickerI have to use postfix/dovecot/mailman, as well, as that's what I've been told to do...18:37
alamarit will be delivered to the mailinglist's registered addresses18:37
kernelpanickerand I'll be honest, I've been wrestling with this for almost 2 1/2 weeks now...18:37
kernelpanickersomething that would take one of you probaby 3 hours...18:38
kernelpanickerbecause I don't have a clue.18:38
alamarthere's like a million howtos that exactly describe how to set up this software constellation18:38
kernelpanickerBut onward ho, right?18:38
kernelpanickerI have a bookmark for each how to...18:38
kernelpanickerall of them imperative masterpieces, for particular distros...18:38
kernelpanickeretc...18:38
alamarwell maybe you should pay someone who has more of a clue18:38
kernelpanickerI would, if I had more than, what, .27 cents in my pocket.18:39
kernelpanickerand also, I want to learn about this stuff.18:39
kernelpanickerthat was 27 cents...18:39
kernelpanickerat any rate...18:40
kernelpanickerit seems like the non list email recipients need something to hold their mail, right?18:40
kernelpanickerand that not all of them should be able to log into the box...18:40
kernelpanickerso I can't just make them into users, right?18:40
kernelpanickerThere should be some mechanism for holding mail for them, but not making them users, and I recall something like 'adduser -s /sbin/nologin emailusername; passwd emailusername' on other flavors of linux...18:42
alamaryou can do more or less anything. you can create individual system user's, you can prevent them from logging in, you could create virtual user'S (meaning non-system but in some other database like ldap or mysql)18:42
kernelpanickerbut that doesn't seem to work in Ubuntu.18:42
kernelpanickeralamar: OK18:42
alamarkernelpanicker: it is not a good idea to try to administer a public running server if you do not have any idea what you are doing18:42
kernelpanickeralamar: tell me about it18:42
kernelpanickerdoesn't life suck18:43
ersiUnfortunally, with mail services - it's usually learning by doing18:43
alamarersi: you can learn and do a LOT by reading appropriate documentation and using a controlled environment18:43
kernelpanickerit's also not a good idea to get married, have kids, or jump from hovering helicopters18:43
alamaror it will be learning the hardware by ending up on nearly every blacklist18:44
alamarand having a non functional mailserver anyway..18:44
glebaron I have a question about ubuntu 10.04 server with multipath drive arrays attached.  http://paste.ubuntu.com/677378/ is my multipath listing. http://paste.ubuntu.com/677380/ is my ls -al from /dev/mapper/18:44
alamars/hardware/hard way/18:44
kernelpanickerwhat's fantastic is that if one does decide to learn, one can plunge in, read documentation, and get help from irc channels when you're stuck ;)18:44
ersialamar: Well well, you can prepare all you want.. when you go live, you can bet your horse on that something's wrong anyway :P18:45
alamarersi: but then I didn'T rush into running live before even knowing what I'm doing18:45
glebaronAll is good until I reboot the server. When it comes back up, in /dev/mapper/ all of the mpathxp#'s are missing.18:45
glebaronThen the only way I can get them back is to run partprobe /dev/mapper/mpathx.18:46
ersialamar: All sound advice, for sure.18:46
glebaronI am thinking that a reboot should not cause it to loose the partition maps.18:46
glebaron*lose18:46
kernelpanickeralamar is 100% right18:46
alamarersi: it's servers like that which are sending millions of spam mails before their admins EVEN NOTICE it18:46
kernelpanickerso, alamar, what are your top two ways of locking down your servers to prevent them from becoming spam farms, and I'll go google them to learn.18:47
ersialamar: I was not saying that one should rush into deploying, without looking at the documentation or taking the 'simple' steps to make sure you won't get instablacklisted18:47
kernelpanickeror just one will get me going.18:47
ersiAlways always authenticate users of your outgoing services18:48
* kernelpanicker googles 'authenticating users of outgoing mail services'18:48
ersi"Outgoing authentication" is perhaps a better search term18:50
kernelpanickerok18:51
tarvidif I have a string of nsupdate commands that appear to do what I want to do, where is the best place on the client to hook them?18:55
alamarset up dns properly (forward confirmed reverse dns), read up on spf (some server's will not accept mail without proper spf records for your domain), implement proper user authentication, provide ssl, use monitoring(munin/nagios), read the documentation for all used software components(postfix, dovecot, mailman and whatever your authentication backend will be)18:55
alamarthink about using dnsbls/rbls18:56
alamarthink about greylisting and/or whitelisting18:56
alamarand run ntpd to keep your time in synch if you not already do so18:56
alamardon't run any other unecessary services, keep up with the security updates for your distribution18:57
alamarthink about using ratelimiting rules in your firewall, maybe use some mechanism like fail2ban to monitor/ban password/account cracking attempts18:58
alamartest your configuration (at least with http://www.abuse.net/relay.html ) if it can be abused as open relay18:59
Davieysoren: Around?19:03
DavieyI wanted to talk to you about greenlet.19:04
sorenShoot19:04
Davieysoren: So.. Firstly.. I had NFI it was monkey patching.. Really confused me why standalone code was working, but not inside openstack :)19:06
Davieysoren: secondly.. Do you know how to NONBLOCK ?19:06
DavieyThis crappy snippet works with standard os, but not greenlet monkey patched: os.fdopen(os.open(fpath, os.O_RDONLY | os.O_NONBLOCK))19:07
Davieyie, it's blocking.19:07
sorenYh.19:09
sorenUh, even.19:09
sorenSorry, what are you trying to do?19:09
koolhead17RoAkSoAx: ping19:09
Davieysoren: so.. I want to open a char device.. so "cat foo" would hang forever as there is no EOF.  It's like doing a tail -f.19:11
sorenDaviey: Ok.19:11
DavieyI want to capture what is there, which is achieved with teh fugly snippet up there using standard os.19:11
sorenDaviey: So you want it block.19:11
Davieybut the monkey patched os ignores the os.O_NONBLOCK19:12
Davieyno, i want it to NOT block19:12
sorenDaviey: You're confused.19:12
sorenOr you19:12
Davieyah.  I bet os.O_NONBLOCK = None in the monkey patched os.19:12
soren're making me confused.19:12
Davieyhold fire.. lemme check my theory.19:12
sorenDaviey: You say: 'so "cat foo" would hang forever as there is no EOF.19:13
DavieyYes.19:13
sorenDaviey: That means it's blocking.19:13
sorenNon nonblocking.19:13
Davieyyes, i want it to not block.19:13
sorenOk... Let's pretend I didn't hear anything but that, shall we?19:13
soren:)19:13
Davieyok :)19:14
sorenSpecifically, I'll ignore all the confusing bits you said. :)19:14
DavieyI'm not sure what part confused.. :/19:14
sorenWEll, if "cat foo" *hangs* forever... That means it's blocking.19:14
Davieycorrect19:14
soren...but you say you want non-blocking.19:14
sorenThat's confusing.19:14
sorenOr a *REALLY* bad example of what you want to do.19:14
DavieyI want to cat foo and for it to NOT block.19:14
sorenAha!19:15
sorenAwesome.19:15
sorenOk.19:15
sorenSo..19:15
sorenThis is why I hate eventlet.19:15
Davieymy theory is that os.O_NONBLOCK is not implemented.19:15
sorenYou don't get to play with non-blocking I/O.19:15
sorenIt does it for you and you only get to pretend you're dealing with blocking I/O.19:15
SpamapSeventlet means that every event "blocks" but returns control to the event loop, right?19:17
sorenSo all your code ends up looking like it's using blocking I/O, but behind the scenes, eventlet does a buch of magic to make it non-blocking.19:17
sorenYes, the is easier for people who don't grok how to write proper async code, but it's really, really confusing if you do.19:17
sorenSpamapS: That's essentially what ahppens behind the scenes, yes. Hidden away. Unless you go and look, you haven't a clue there's such a thing as an event loop.19:18
sorenFor better or worse.19:18
Davieysoren: both values of os.O_NONBLOCK == 2048..  So it gets deeper.. *sigh*19:18
sorenDaviey: You need to stop making assumptions about anything.19:19
sorenDaviey: Because eventlet probably monkey patched those assumptions to no longer be true.19:19
Davieysoren: Well i mean, 2048 is a value in both patched and pure os.  However, the 'deeper' means it's not implemented within greenelt.19:20
sorenDaviey: Do you have some code that demonstrates your problem that I can help you debug?19:20
Davieysoren: It would be easier for you to share my env tbh. Give me a few.19:21
sorenDaviey: ok, cool.19:21
Davieysoren: ssh ubuntu@91.189.93.86 -t bash ; sudo -s ; screen -xr19:24
Davieysoren: The only window running vi is the one to grok19:25
sorenDaviey: What are you trying to achieve again? Does the existing code not work?19:29
sorenDaviey: I wonder how longs it's been since I wrote the Xen code. It's not entirely impossible it predates the eventletification.19:30
Davieysoren: sniffing bug 832507, and using a ring buffer, rather than a standard file.19:31
uvirtbotLaunchpad bug 832507 in nova "console.log grows indefinitely" [Low,Confirmed] https://launchpad.net/bugs/83250719:31
RoAkSoAxkoolhead17: pong19:31
koolhead17RoAkSoAx: do you have few minutes? i got few questions.19:31
RoAkSoAxkoolhead17: sure19:32
Davieysoren: so get consolelog blocks using standard os read() as it doesn't EOF19:32
koolhead17cool19:32
sorenDaviey: ...for Xen.19:32
Davieysoren: I'm only testing against kvm/qemu atm19:32
sorenDaviey: That doesn't make any sense.19:33
sorenDaviey: kvm logs directly to a file.19:33
sorenDaviey: A plain file. It absolutely EOF's.19:33
Davieysoren: which is the roblem.19:33
Davieyproblem.19:33
sorenI understand that that is the problem outlined in the bug.19:33
Daviey20:31 < Daviey> soren: sniffing bug 832507, and using a ring buffer, rather than a standard file.19:33
uvirtbotLaunchpad bug 832507 in nova "console.log grows indefinitely" [Low,Confirmed] https://launchpad.net/bugs/83250719:33
sorenOk, you've lost me somewhere.19:34
sorenkvm logs to a file.19:34
sorenThis file can grow indefinitly, which is really bad.19:34
sorenNow, where does the need for non-blocking I/O come into the picture?19:34
Davieysoren: Yes, which is why i am sniffing using a ringbuffer char device, rather than a plain test file.19:34
Davieytext file*19:35
sorenA.... ringbuffer char device?19:35
sorenEnlighten me please.19:35
Davieysoren: emlog19:35
Davieysoren: http://www.circlemud.org/jelson/software/emlog/19:35
koolhead17RoAkSoAx: 1. i am using cobbler system for adding a specific system and i have defined it to acquire static IP in th preseed like this http://pastebin.com/Mw7UiVNB but its failing.19:36
Davieysoren: WIP - http://paste.ubuntu.com/677426/19:36
sorenDaviey: Oh, and it doesn't only support Linux 2.2. It supports Linux 2.4, too!19:37
sorenOh, wait.19:37
RoAkSoAxkoolhead17: what's failing?19:37
Davieysoren: I'm actually using a fork :)19:38
koolhead17netcfg/choose_interface=eth1 as additional kopts19:38
koolhead17RoAkSoAx: it fails to assign this static IP after reboot, rather i would say it just takes DHCP ip for installing the whole system :(19:38
koolhead17am trying to provision Oneiric :D19:39
Davieysoren: BTW, if you have a better idea.. i'm all ears :)19:39
RoAkSoAxkoolhead17: right, so on installation it doesn't use the values you passed on the preseed but rather it used DHCP?19:39
koolhead17RoAkSoAx: yes19:39
RoAkSoAxkoolhead17: so when you reboot, it does not have the network values you have specified19:39
koolhead17yes19:39
RoAkSoAxkoolhead17: that might be a problem of the installer, ping cjwatson19:40
RoAkSoAxkoolhead17: other thing you can do, is enable DHCP on cobbler, and set the values for the system, so you configure your network to obtain DHCP from the cobbler server19:40
koolhead17RoAkSoAx: yeah i tried that as well, inside cobbler system options, even it fails19:41
* koolhead17 pokes cjwatson: 19:41
RoAkSoAxkoolhead17: it shouldn;t fail, I have it working19:41
Davieysoren: So that patch does work, when using the standard os for read()'ing the file.19:41
RoAkSoAxkoolhead17: I'd recommend you use dnsmasq19:42
RoAkSoAxsudo vim /etc/cobbler/modules.conf and enable DHCP19:42
RoAkSoAxfor dnsmasq19:42
RoAkSoAxand then in /etc/cobbler/settings19:42
RoAkSoAxkoolhead17: then on a system add an interface with MAC, IP address etc19:42
koolhead17RoAkSoAx: i have currently dhcp server whose configuration file is fetched via cobbler only.19:43
koolhead17also if i have a configuration in my profile and am using that with my system, will cobbler overwrite the parameters of that profile for my syste?19:44
koolhead17*system19:44
koolhead17RoAkSoAx: am going to remove this configuration from my preseed and add everything in systems file as you suggested.19:45
Davieysoren: I don't think it can be piped to rotatelog.  The other option is logrotate, but that will react too slowly.  ISTM that this is a cleaner solution.19:45
RoAkSoAxkoolhead17: the way how we are doing it in orchestra is enable dhcp on the cobbler server and add systems with the information we want the dchp server to provide19:45
Daviey(Being a non-standard kernel module, would need to be opt-in)19:46
sorenDaviey: I don't know.. A kernel space solution seems wonky to me.19:46
koolhead17RoAkSoAx: ooh, you mean hard coding approach, everything handled by the DHCP server, as we often do in practise with print server in network?19:46
RoAkSoAxkoolhead17: right, but when iun a cobbler system you add the information for the network for that particular system, then cobbler handless DHCP automatically19:47
Davieysoren: Other ideas?19:48
zulgah19:48
Davieysoren: The only other thing i can think of is polling the serial port.. ?19:49
sorenDaviey: Why don't you think rotatelogs will work?19:49
Davieysoren: Can kvm et al pipe it's output?19:49
koolhead17RoAkSoAx: yes i will add ip/subnet/gateway in my systems for particular provision and at same time write the same in dhcp.conf (populated by cobbler) right?19:49
sorenDaviey: named pipe?19:49
Davieysoren: So i looked at a FIFO first, but you can't limit the size?19:50
Davieyand FIFO would block, unless it has something cat'ing it19:50
sorenDaviey: If we were to poll the serial port.. How would that work? I hope kvm wouldn't block waiting for us to read from its serial port buffer.19:50
Davieysoren: Honestly, i don't know.. But i did look at using a FIFO first.. but that seems to have the same problems.19:50
sorenDaviey: Yeah, that's a fair point. killing rotatelogs would hang kvm => suck.19:51
RoAkSoAxkoolhead17: yes19:51
RoAkSoAxkoolhead17: though, bye default in orchestra we are using dnsmasq19:51
Davieysoren: This emlog is essentially a fifo which is a ringbuffer.19:51
sorenerk.19:51
sorenrotatelogs isn't the way to go.19:51
sorenI forgot its semantics.19:51
uvirtbotNew bug: #832507 in nova "console.log grows indefinitely" [High,Confirmed] https://launchpad.net/bugs/83250719:52
Davieysoren: There is a userspace (perl) fifo ringer implementation, but that seemed much dirtier.19:52
sorenDaviey: Have you heard of vbuf?19:52
soren(I hadn't)19:52
sorenUses libvrb (which I also hadn't heard of)19:53
Davieysoren: isn't that a circular char device?19:53
Davieyas in, when it reaches the bottom it writes to the top?19:53
sorenI'll know in a few minutes. :)19:53
Davieyheh, i've not used vbuf TBH.. but that was my memory.19:55
sorenAt any rate, this isn't hard to solve entirely in userspace with a separate helper.19:55
sorenIf we just want to solve our own problem, that is.19:55
sorenIf we want to write a general-purpose ring-buffer thingamajig I imagine it'll get hairier quickly.19:56
sorenbut..19:56
sorenHm.19:56
Davieywell it's crazy we don't have something like this in stock kernel TBH.19:56
Davieysoren: Looking at the man page for vbuf - looks like it would need a named pipe to use as input.. meaning you can still own the server.19:57
Davieyp0wn? Wow, i struggle to keep up with the language.19:58
sorenDaviey: Let me see what libvirt can do..20:00
Davieysoren: tcp could work, that would mean it would need a listener to suck it in.20:04
DavieyHmm, unix socket would be cleaner and easier to track i suppose.20:05
sorenDaviey: Trying to work out how kvm would respond to a named pipe whose consumer went away.20:09
Davieysoren: normally the consumer going away kills the push?20:10
Davieyas in, when i tried this with cat /dev/random > fifo & ; cat fifo ; sleep 10s ; kill second cat, kills the first cat.20:11
sorenYeah.20:11
RoAkSoAxsmoser: http://pastebin.ubuntu.com/677445/20:14
RoAkSoAxsmoser: is the PPA stuff fixed?20:14
DavieyRoAkSoAx: is that because the node doesn't have access to the keyserver?20:15
smoserwell that i just an update there.20:15
smosertry re-running that command on the instance and see what happends20:15
RoAkSoAxDaviey: that, but there was a recent change with python-software-properties that broke cloud-init too20:15
RoAkSoAxsmoser: but the stuff of importing PPA's is fixed?20:16
smoserRoAkSoAx, it should have been.20:19
RoAkSoAxsmoser: ok cool thanks20:24
* RoAkSoAx will be back in half an hour20:24
=== himcesjf1 is now known as himcesjf
glebaronI have a question about ubuntu 10.04 server with multipath drive arrays attached.  http://paste.ubuntu.com/677378/ is my multipath listing. http://paste.ubuntu.com/677380/ is my ls -al from /dev/mapper/20:30
glebaronAll is good until I reboot the server. When it comes back up, in /dev/mapper/ all of the mpathxp1's are missing.20:30
glebaronThen the only way I can get them back is to run partprobe /dev/mapper/mpathx.20:30
glebaronI am thinking that a reboot should not cause it to lose the partition maps.20:30
ppetrakiglebaron, so what's your /etc/multipath.conf look like?20:33
glebaronppetraki: http://paste.ubuntu.com/677457/20:34
ppetrakiglebaron, have you rebuilt your initramfs since creating this file?20:37
ppetrakiglebaron, is multipath-tools-boot also installed?20:37
elz89Just wondered, is there something similar to "fpaste" in Fedora?20:39
Davieysoren: cracked it!20:40
sorenDaviey: Cool!20:40
ppetrakiglebaron, two nits with your config file, 1) blacklisting sda isn't deterministic, you can blacklist by make/model instead20:40
Davieyi'm not saying it is the best solution, but at least an option.20:40
ppetrakiglebaron, 2) change product "VTrak"  => product "VTrak.*"20:41
ppetrakiglebaron, don't want to be the victim of some regexp ambiguity, even though it's working now20:42
glebaronppetraki: thanks for tips.20:42
glebaronI am not only one working on this server, so I will answer to the best of my knowledge.20:42
ppetrakiglebaron, if you have -boot installed, multipath is run in the initramfs, against the config file, which should create all your maps20:42
ppetrakiglebaron, np20:42
ppetrakiglebaron, if you're *not* booting from SAN *and* these maps aren't being created, that's an interesting problem20:43
glebaronppetraki: -boot is installed and intramfs has been updated recently.20:43
yaksterhello everybody! anyone here know how to make apache case insensitive…20:43
glebaronppetraki: but we are booting from local disk and not san.20:44
yakstersay www.GOOGLE.com or GoOGle.com will redirect to a local page like www.Google.com  btw, this is the when listing for external web request20:44
yaksterI hope that I explained that correctly..20:45
ppetrakiglebaron, so those udev rules should have been run when the block devices were added initially.20:45
ppetrakiglebaron, something went wrong20:45
ppetrakiglebaron, you should be able to run 'multipath -v0' to create new paths. For example, multipath -F, will clear all unused paths, and multipath -v0 should recreate them20:46
ppetrakiglebaron, what version of ubuntu is this?20:47
glebaronppetraki: 10.04 Server 64-bit20:47
yaksteranyone know how to make apache case insensitive?20:49
TheEvilPhoenixyakster:  it inherits the restrictions of Linux20:50
koolhead17RoAkSoAx: not tried dnsmasq before, currently working on some automation. will read up on it.20:50
TheEvilPhoenixLinux is case sensitive20:50
yakstercorrect…20:50
TheEvilPhoenixyakster:  therefore, Apache is case sensitive20:50
yaksterI understand that….20:50
TheEvilPhoenixthere's no real method to change that20:50
sorenErr..20:50
sorenthere is.20:50
sorenhttp://httpd.apache.org/docs/current/mod/mod_speling.html20:51
glebaronppetraki: thanks so much for input. Things already looking a lot better.20:51
yaksterbut say I have a webpage, and the what that it was posted is…. http://MySite.dyndns.info/Welcome.html and my dad, being the super smart guy he is, just types in http://mysite.dyndns.info/WELCOME.HTML  he is going to get a 404 error, page not found…20:51
TheEvilPhoenixsoren:  orly? *checks*20:51
TheEvilPhoenixsoren:  is it in the repos?20:51
ppetrakiglebaron, here's an example of make/model blacklisting: http://lists.alioth.debian.org/pipermail/pkg-lvm-maintainers/2010-May/002910.html20:52
ppetrakiglebaron, lsscsi is your friend20:52
glebaronppetraki: Will have to wait for a day or so to reboot and see if it's fixed for good.20:52
ppetrakiglebaron, I understand, what interconnect are you using? SAS?20:52
yaksterok, that is great if I have an illiterate person accessing my site, but not for one who likes to type in proper case text.20:53
koolhead17soren: ping20:54
sorenTheEvilPhoenix: Sure.20:54
koolhead17RoAkSoAx: thanks. i will update you about development tomorrow. :)20:54
sorenTheEvilPhoenix: in apache2.2-bin, even.20:54
smoserRoAkSoAx, http://paste.ubuntu.com/677474/20:54
sorenkoolhead17: What's up?20:54
smoserthat is output of an oneiirci instance with cloud-config from http://paste.ubuntu.com/677475/20:55
=== mrmist is now known as evilmrmist
smoserso it seems its working to me.20:55
glebaronppetraki, I do not know about interconnect. Promise unit is SATA disks direct connected via fiber. I inherited it already hooked up. Is there an easy way to find out?20:55
hallynjdstrand: hi - in the qrt, the libvirt testsuite help starts with20:56
hallynUSAGE:  *** DEPRECATED ***20:56
ppetrakiglebaron, yeah, its SAS, it can support either, I looked it up20:56
hallynI don't understnad.  what is deprecated?20:56
yaksterok, how do i enable that mod spelling20:56
koolhead17soren: doing great. need your mail id. working on jenkins/open stack automation might need your help on that.20:56
TheEvilPhoenixsoren:  how do i activate that module?20:56
jdstrandhallyn: let me look20:57
sorenTheEvilPhoenix: sudo a2enmod speling, presumably.20:58
sorenkoolhead17: soren@openstack.org20:58
koolhead17soren: thanks :D20:58
jdstrandhallyn: can you paste with the command?20:58
jdstrandsoren: dude!20:59
ppetrakiglebaron, make sure you update the initramfs to reflect your new changes before you reboot. If you continue to have problems we'll have to dig into debugging starting with why the udev rules didn't have the desired impact20:59
* koolhead17 needs to dig deep inside jenkins now :D20:59
hallynjdstrand: doh!  I was looking at the libvirt-aa-secdriver.sh21:00
hallynRecon I don't need to be running that by hand :)21:00
jdstrandhallyn: oh yes, don't use that :)21:00
sorenjdstrand: Dude, indeed!21:00
glebaronppetraki, thanks. I am already understanding much better. I will update initramfs and reboot soon. If that doesn't work, I will be back with more questions!21:01
ppetrakiglebaron, :)21:01
jdstrandhallyn: that has all be converted over anyway to test-libvirt.py anyway21:01
yaksternope that didn't work…21:01
jdstrandsoren: :)21:01
yaksterjust tried it, and it dosent even remotely work..21:05
yaksterhello?21:06
yaksterquiet all the sudden21:08
Davieyhallyn: nice fix on the qemu-kvm package.21:13
Davieyhallyn: FYI qemu-kvm 0.15 final just hit experimental.21:16
Davieysmoser: BTW, i had a kernel panic rebooting an instance earlier.21:18
=== evilmrmist is now known as netralmrmist
=== netralmrmist is now known as neutralmrmist
Davieysmoser: It *might* have been my fault, but mentioning it JIC http://pb.daviey.com/KKOF/21:19
hallynDaviey: on qemu-kvm 0.15...  anything more i can do to help that along?21:33
=== neutralmrmist is now known as mrmist
Davieyhallyn: I think we really need to open that issue post b1.21:42
DavieyI really don't want to screw b1 if it turns ut bad.21:43
Davieyout*21:43
hallynDaviey: ok21:48
CluelessPersonhey22:12
CluelessPersonfor some reason samba suddenly stopped working22:12
CluelessPersonmy server still shows up on the network22:13
CluelessPersonbut when I try to connect from my windows netbook, it tells me there's no anser/connection22:13
=== Robinux is now known as sw0rdfish
DavieyWho wants to earn a gold star?22:29
DavieySomeone fixing bug #837049 would make me very happy!22:30
uvirtbotLaunchpad bug 837049 in php5 "php5 FTBFS (amd64 only)" [High,Confirmed] https://launchpad.net/bugs/83704922:30
arrrghhhhey all22:42
arrrghhhi want to secure my server with ssh key auth instead of password auth22:43
uvirtbotNew bug: #837049 in php5 (main) "php5 FTBFS (amd64 only)" [High,Confirmed] https://launchpad.net/bugs/83704922:43
arrrghhhmy only issue is adding all of the machines i need before disabling password auth - should i just reuse the same key for all machines?  what do i do for mixed environments?  some of the machines accessing the server are linux, some are windows....22:43
glebaronarrrghhh: it's a per-user thing. Each user has their own private key on their machine, and their public key is installed on their servers in user accounts that you want them to have access to.22:45
glebaron*your servers*22:45
arrrghhhyes22:46
arrrghhhwell this is one server22:46
arrrghhhand i am always the client machine22:46
arrrghhhbut i have many clients22:46
arrrghhhcell phone, work PC, home laptop (win&lin)22:46
arrrghhhthen i run into the issue of "other machines"22:46
glebaronthe private key has to be on each of those.22:46
arrrghhhi rarely need to access my server from other machines, but what do i do when i run into a client that isn't setup?22:46
arrrghhhok so you'd recommend i get all the keys setup, then disable pass-based auth?22:47
glebaronjust copy the private key to that machine.22:47
glebaronyes.22:47
arrrghhhok22:47
arrrghhhi guess copying the private key seems difficult across platforms22:47
arrrghhhprivate keys for putty don't seem compatible with linux and visa-versa... no?22:47
glebaronthey work.22:47
glebaronIt's not optimal.22:48
arrrghhhi remember them not working.  or perhaps i didn't know how to get it to work?22:48
arrrghhhok22:48
arrrghhhso i should have a ppk for putty for windows clients, and another key for linux perhaps?22:48
glebaronyes.22:48
glebaronwe have windows users using putty ppk on their windows machines22:49
glebaronand connecting to linux servers.22:49
glebaronand we have linux/mac users using regular ssh keys.22:49
glebaronbut we don22:49
glebaront22:49
glebaronnormally put putty keys on any client other than windows.22:50
arrrghhhah22:50
arrrghhhok22:50
arrrghhhi think that was my problem22:50
arrrghhhlast time i was trying to have one key for all clients22:50
arrrghhhand i ran into issues trying to get putty to work with linux priv key, or visa-versa.22:51
arrrghhhthanks22:51
glebaron:)22:51
arrrghhhcrap glebaron left.23:23
arrrghhhhow do i transfer the client key to the host from Windows/putty...?23:24
arrrghhhcrap23:30
qman__ssh-copy-id makes it easy on linux, but it's as simple as putting the public key into ~/.ssh/authorized_keys on the server23:37
qman__just ssh in, edit that file, and copy/paste23:38
qman__arrrghhh, ^23:38
arrrghhhoh23:38
arrrghhhok23:38
arrrghhhqman__, i don't have an authorized_keys file in .ssh...23:39
arrrghhhwould it be in /etc?23:39
qman__no23:39
qman__the file doesn't exist until at least one key is put there23:39
qman__create it23:39
arrrghhhheh23:39
arrrghhhok23:39
qman__the permissions also have to be right23:40
qman__600 IIRC23:40
arrrghhh700 actually i think23:40
qman__600 on mine23:40
arrrghhhhrm23:40
qman__700 would be executable23:40
qman__no need to execute keys23:40
arrrghhhyea that's true.23:40
arrrghhhubuntu guide said 70023:40
qman__folder should be 70023:40
qman__file should be 60023:40
arrrghhhoic23:40
arrrghhhmakes sense23:41
arrrghhhso i can just take the ppk file23:41
arrrghhhand paste the "private-lines" into an authorized_key file..?23:41
qman__no23:42
qman__public key23:42
qman__not the private key23:42
arrrghhhah right23:42
arrrghhhprivate key is client only23:42
qman__private key goes to the connecting client23:42
arrrghhhserver refused our key23:43
arrrghhhheh23:44
=== medberry is now known as med_out
arrrghhhall i did was paste the public key in23:44
arrrghhhand took all the end keys out23:44
arrrghhhso it's one long line...23:44
qman__that's correct23:44
arrrghhhhrm23:44
qman__each public key you want to allow connections from, goes on one line in the file23:44
arrrghhhok23:45
arrrghhhanything else on that line?23:45
qman__nope23:45
arrrghhhjust the jibberish that involves the public key?23:45
arrrghhhhum23:45
arrrghhhwhy would the server refuse my key then?23:45
qman__like this23:45
arrrghhhoh key based auth might not be enabled.23:45
qman__ssh-rsa AAAAB....8= ryan@amdk623:45
arrrghhhoh23:45
arrrghhhi didn't have the ssh-rsa23:46
arrrghhhor the machine @ the end23:46
qman__ssh-rsa at the front, description at the back23:46
qman__it can be anything, mine happens to be user@host23:46
arrrghhhah, and my authorized_keys is in /etc for some reason.23:46
qman__yes, but that's machine wide23:46
arrrghhhhrm23:46
arrrghhhok23:46
qman__I assume you don't want to allow connections as any user on the machine from your key23:46
arrrghhhno23:46
arrrghhhi only have this one user, but still no :P23:47
qman__a default install has over 20 users23:47
arrrghhhyea23:47
arrrghhhwell23:47
arrrghhhi've only created one user23:47
arrrghhhso what do i put in for the machine @ the end23:48
arrrghhhdoesn't matter?23:48
arrrghhhcuz it's still rejecting my key.23:48
qman__can be anything, it's just a description field23:48
arrrghhhso why else would the server refuse my key?23:49
qman__plenty of possible reasons23:50
arrrghhhheh23:50
qman__I'd check /var/log/auth.log23:50
arrrghhhk23:50
qman__see if it says why23:50
arrrghhhi see accepted passwords23:51
arrrghhhbut no 'rejections' or anything similar from sshd23:51
arrrghhhhow can i tell that it's pulling from this authorized_keys file...?23:52
arrrghhhah23:54
arrrghhhit is pulling from /etc/.ssh/authorized_keys23:54
arrrghhhso should i change that in the sshd_config...?23:54
qman__looks like your home directory isn't set up right23:54
qman__what does cd ~ do?23:54
arrrghhhputs me at the user@nas:~$ prompt23:55
qman__pwd23:55
qman__there23:55
arrrghhh/home/user23:55
qman__did you set encrypted home directories?23:55
arrrghhhnope23:55
qman__and the file you created is /home/user/.ssh/authorized_keys23:56
arrrghhhyes23:56
qman__and /home/user/.ssh is chmod 70023:56
qman__and /home/user/.ssh/authorized_keys is chmod 60023:56
arrrghhhdrwx------   2 user  user      4096 2011-08-29 17:42 .ssh23:56
arrrghhher i don't think auth_keys is 600 hold on23:57
arrrghhhk it's 600 now23:58
arrrghhhand i still get server refused our key23:58
arrrghhh(i removed the /etc/.ssh directory)23:58
arrrghhhso this line23:58
arrrghhhAuthorizedKeysFile      /etc/.ssh/authorized_keys23:58
arrrghhhin my sshd_config23:58
arrrghhhdoesn't matter..?23:58
arrrghhhi shouldn't change that?23:58
qman__mine doesn't have that line23:59
qman__try commenting it out and restarting sshd23:59
arrrghhhk23:59
arrrghhhlol23:59
arrrghhhi recall vaguely doing that.  i wish i knew why.23:59

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!