/srv/irclogs.ubuntu.com/2011/09/15/#ubuntu-server.txt

smoser	cr3 is gone, but ask again tomorrow.	00:13
b0gatyr	join #windows-server	00:26
=== SJrX is now known as SJr
=== fenris is now known as Guest90959
=== avoine_ is now known as avoine
=== jj-afk is now known as jjohansen
=== Guest86261 is now known as CrazyGir
the_fool	Hi, i'm working on setting up a friend with ubuntu, but I can't seem to get the wireless up and running, it looks like the driver is good, but i'm no expert - anyone willing to walk me through this? Thanks	01:30
avoine	the_fool: join the #ubuntu channel and I will help you there	01:35
cjs226	I'm having a problem with shutdown and reboot not waiting for a shutdown script to complete. i verified it's being run. i assumed the system would wait for each K script to complete. is this not the case?	01:54
avoine	cjs226: I think it kill scripts after a certain time, I'm not sure	02:00
avoine	cjs226: the timeout is 5 seconds by default -> http://upstart.ubuntu.com/cookbook/#kill-timeout	02:01
cjs226	ah, that explains it. THANKS!	02:01
=== Guest90959 is now known as ejat
SpamapS	cjs226: when you say the "K" scripts .. what # is it receiving in /etc/rc0.d ?	02:08
SpamapS	cjs226: there is definitely no timeout for those scripts.. they are run one after the other	02:09
cjs226	i have it as K01 in rc0, 2 and 6	02:10
cjs226	what's the best procedure to impliment an app's shutdown script such that it has time to shutdown gracefully. for me i need a minute and a half	02:11
SpamapS	cjs226: it should work to just have the K script in there	02:12
SpamapS	cjs226: note that it needs an S script in the previous runlevel as well, or it won't be killed as the system won't think it was running	02:13
cjs226	spamaps: ok, i'll test that, thx	02:13
SpamapS	cjs226: typically the defaults given to a script by update-rc.d work fine	02:14
SpamapS	cjs226: note that if you switch to an upstart script, you want 'stop on starting rc RUNLEVEL=[016]'	02:14
SpamapS	otherwise the system will only wait about 10 seconds for it to stop	02:14
SpamapS	(known bug)	02:14
SpamapS	cjs226: good luck	02:15
* SpamapS signs off for a bit		02:15
cjs226	thx, appreciate it!	02:15
uvirtbot	New bug: #850587 in cloud-init (main) "cloud-init fails to install if /tmp directory is noexec" [Undecided,New] https://launchpad.net/bugs/850587	03:41
sbeattie	Daviey: FYI, update-notifier-common (which lets you know you need to reboot your server in motd) used to be in the default server install in lucid http://people.canonical.com/~ubuntu-archive/germinate-output/ubuntu.lucid/server, but got dropped for maverick and later.	03:46
sbeattie	Daviey: are you sure that it should have been dropped?	03:47
ujjain1	do I need to run seahorse with sudo to use it? and I get a gnome-keyring communication failure error.	03:48
=== WinstonSmith is now known as ermmmmmmmmmmms
=== ermmmmmmmmmmms is now known as WinstonSmith
=== WinstonSmith is now known as ermmmmmmmmmmms
=== ermmmmmmmmmmms is now known as WinstonSmith
Corey	Like an idiot, I just blew away the squid init script (/etc/init.d/squid). How do I get apt / aptitude to reinstall it?	06:33
lifeless	sergevn: is it bad that rmmod iwlagn inside a container removes the module successfully ?	06:40
lifeless	sergevn: sorry, wrong serge ;)	06:42
lifeless	hallyn: is it bad that rmmod iwlagn inside a container removes the module successfully ?	06:42
ScottK	Corey: sudo apt-get purge squid then sudo apt-get install squid and you'll get it back.	06:59
WinstonSmith	what about dpkg-reconfigure? wouldn't that do the trick?	06:59
ScottK	No.	07:00
ScottK	When you manually remove the file, dpkg will assume that means you didn't want it until you purge and then it forgets you did that.	07:01
soren	lifeless: You need to drop the sys_module capability.	07:02
* soren runs off for a half hour or so		07:03
Corey	ScottK: Thanks. Unfortuantely as it turns out this is Ubuntu 6.xx, so those packages aren't available anymore. Whoops.	07:06
ScottK	Corey: They are on old-releases.ubuntu.com	07:06
ScottK	You really should upgrade though.	07:06
ScottK	You'll just need to adjust /etc/apt/sources.list to point at it.	07:07
Corey	ScottK: Not my choice.	07:09
ScottK	OK.	07:09
Corey	ScottK: And thanks. :-)	07:09
ScottK	You're welcome.	07:09
Corey	ScottK: Unfortunately the client's preferences eclipse my own.	07:09
ScottK	I know how that is.	07:09
ScottK	They should hire me to tell them they're wrong.	07:10
ScottK	;-)	07:10
Corey	ScottK: They've already done that with me. ;-)	07:10
Corey	ScottK: Mind if I ask what your contribution was that got you Ubuntu membership?	07:10
ScottK	Development.	07:10
ScottK	It was also in 2007, so things have changed a bit.	07:11
lifeless	soren: probably dhouldn't be on by default :)	07:20
uvirtbot	New bug: #338766 in vm-builder (universe) "vm-builder should support proxy servers" [Wishlist,Fix released] https://launchpad.net/bugs/338766	07:31
uvirtbot	New bug: #850672 in nut (main) ""port = auto" does not work with bcmxcp_usb (powerware 5115)" [Undecided,New] https://launchpad.net/bugs/850672	07:36
soren	lifeless: How are you running your containers?	07:47
soren	lifeless: Using libvirt or lxctools?	07:47
lifeless	soren: lxc-start ...	07:48
Nafallo	hi. who handles php these days? :-)	07:48
lifeless	Nafallo: noone :) </troll>	07:49
Nafallo	lifeless: heh	07:49
Nafallo	I had to "upgrade" to the packages from sid on an oneiric server yesterday because our php5-sqlite only has sqlite3 support :-P	07:50
Nafallo	and sid had a different ABI	07:50
soren	lifeless: bug 850687	07:50
uvirtbot	Launchpad bug 850687 in lxc "Should disable cap_module by default" [Undecided,New] https://launchpad.net/bugs/850687	07:50
lifeless	thanks :)	07:51
soren	Nafallo: And what did you need (if not sqlite3)=	07:51
soren	?	07:51
Nafallo	soren: sqlite	07:51
Nafallo	(sqlite2)	07:51
soren	I had no idea anyone still used that for anything.	07:52
Nafallo	roundcube wanted it at the very least ;-)	07:52
lifeless	probably pastebin.ubuntu.com	07:52
soren	Nafallo: I've only ever used roundcube with MySQL :-/	07:53
Nafallo	I bet there are more things, but it took me a good while to figure out and "work around" it :-P	07:54
soren	lifeless: If it helps at all, libvirt does it correctly (removes CAP_SYS_MODULE).	07:54
lifeless	soren: cool	07:54
lifeless	soren: [it doesn't, but cool]	07:54
Daviey	Nafallo: Erm, i thought it was an effort this cycle for us to remove sqlite support?	07:54
Daviey	Or at least, get it out of main	07:55
Nafallo	Daviey: well, not haivng a working roundcube-sqlite package would be a regression :-)	07:56
Daviey	Nafallo: Sure, fancy fixing roundcube?	07:56
Nafallo	Daviey: I tried to find out if I could convince it to use sqlite3 yesterday, and restorted to upgrading from sid.... just saying.	07:57
Nafallo	I'd rather have php5-sqlite in universe with libsqlite dependency (if main is the reason we can't have working things)	07:57
Nafallo	alternatively we could have php5-sqlite and php5-sqlite3	07:59
Daviey	Nafallo: I think you are calling for php5-sqlite to be a seperate source package.	07:59
Nafallo	having php5-sqlite being only sqlite3 wasn't helpful :-P	07:59
Nafallo	source/binary.. whatever works.	08:00
uvirtbot	New bug: #850687 in lxc (main) "Should disable cap_module by default" [Undecided,New] https://launchpad.net/bugs/850687	08:01
Daviey	Nafallo: fancy trying http://www.roundcubeforum.net/3-news-announcements/12-general-discussion/4954-making-sqlite-3-x-work.html , but see if you can avoid using pear?	08:04
Daviey	Although, why you'd use sqlite over mysql is a mystery to me :)	08:04
Nafallo	Daviey: I fancy a working setup OOTB. that's why I run Ubuntu.	08:05
Daviey	Nafallo: Hang on, you use the development release of Ubuntu to have stability. You are doing it wrong,	08:05
Daviey	I assumed you were running the development version to help fix issues before release.	08:05
Nafallo	and since it took me half a year to get round to setting up a new VM and install roundcube, not in a 11.10 timeframe ;-)	08:05
Nafallo	Daviey: yes. issues like the one I ran into and that we are talking about :-)	08:06
Nafallo	I always try to run the development version when and where it's convenient for me to do so	08:06
uvirtbot	New bug: #850690 in samba (main) "package samba-common 2:3.5.4~dfsg-1ubuntu8.4 failed to install/upgrade: there is no script in the new version of the package - giving up" [Undecided,New] https://launchpad.net/bugs/850690	08:07
Daviey	Nafallo: Sorry.. Looks like you are sad out of luck then.. Happy to help you fix this issue, but we don't have the time to fix it for you.	08:08
Nafallo	right. okay.	08:08
Nafallo	the issue is obviously one created by Ubuntu, since Debian doesn't have this problem, but yeah... I won't get much done by whining about this here :-)	08:12
matti	a3:)	08:14
matti	;)	08:14
matti	Ops.	08:14
matti	Hey Nafallo	08:15
Nafallo	hi matti	08:15
koolhead11	hi all	08:18
Daviey	Nafallo: you have been around long enough to know how this works :).. Have you even raised a bug?	08:20
Nafallo	Daviey: yes, and I plan to do so again ;-)	08:21
Daviey	Nafallo: What is the bug number?	08:22
Nafallo	Daviey: sorry, but I tend to discuss before raising them. it is currently scheduled for this evening when I get home from work.	08:23
Daviey	Nafallo: Okay, give me a ping when there is a patch attached... and we'll get it fixed!	08:25
Daviey	rocking.	08:25
jamespage	Daviey: udeb work - libcurl3-minimal-udeb looking OK - going to look at xmlrpc-c-minimal today	08:26
jamespage	(and good morning BTW)	08:26
Nafallo	Daviey: didn't say I'd get time to do any patching mate...	08:26
Daviey	Gooooood Morning jamespage	08:27
Daviey	jamespage: You sir, are a life saver.	08:27
Daviey	Nafallo: Oh sure, branches are equally as good.	08:29
koolhead11	hey Daviey jamespage	08:32
lynxman	morning all o/	08:35
Daviey	hey koolhead11 & lynxman	08:36
jamespage	morning koolhead11, lynxman	08:38
lynxman	Daviey, jamespage o/	08:38
koolhead11	Daviey: so we have to wait for Debian guys to fix the dbconfig bug!! :D	08:38
Daviey	koolhead11: oh noes.. What one?	08:41
koolhead11	Daviey: https://bugs.launchpad.net/debian/+source/dbconfig-common/+bug/807038	08:42
koolhead11	:D	08:42
uvirtbot	Launchpad bug 807038 in dbconfig-common "dbconfig-common fails to preseed phpmyadmin on natty/lucid" [Medium,New]	08:42
Daviey	looking	08:43
Daviey	grr	08:44
koolhead11	:)	08:45
rbasak	koolhead11: From yesterday, the problem seems to be that my machine inside kvm doing netboot off oneiric server b1 isn't picking up a virtio disk, so it is giving me an iscsi option only	08:49
rbasak	Is this expected - is there a different image I'm supposed to be using?	08:49
koolhead11	rbasak: no there is no saperate image for KVM AFAIK	08:50
koolhead11	rbasak: i would suggest check KOAN as well	08:51
rbasak	koolhead11: AIUI, doesn't koan only help if I already have a machine installed?	08:51
* rbasak tries using a SCSI bus instead		08:52
koolhead11	rbasak: i would suggest please check it. As i have not worked on/with KVM i have tried cobbler for my physical machines. It be great if after the test you will blog about the same. :)	08:52
jamespage	hmm - tomcat6 is not in the ubuntu-server packageset - how odd....	08:58
jamespage	rbasak: you need RoAkSoAx - he demoed what you are trying todo at UDS-O	08:59
koolhead11	jamespage: +1 yeah :D	09:00
koolhead11	jamespage: even there is no openjdk-6-jre which jenkins depends on :(	09:00
Daviey	smoser also worked on doing it slightly differently.	09:00
jamespage	koolhead11: in oneiric? it depends on default-jre-headless which should pickup the right java	09:02
Daviey	rbasak: check out lp:~smoser/+junk/cobbler-devenv	09:02
Daviey	The how-to might be of use.	09:02
jamespage	Daviey: any chance you could sponsor https://code.launchpad.net/~james-page/ubuntu/oneiric/tomcat6/CVE-2011-3190/+merge/75495 - whilst I work on xmlrpc-c-minimal	09:03
uvirtbot	jamespage: Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and possibly other versions allow remote attackers to spoof AJP requests, bypass authentication, and obtain sensitive information by causing the connector to interpret a request body as a new request. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3190)	09:03
koolhead11	jamespage: so i should not install openjdk-6-jre on my oneiric clients ?	09:03
jamespage	koolhead11: sorry - are you talking about jenkins slaves or a jenkins master?	09:03
koolhead11	jamespage: slaves :D	09:03
jamespage	koolhead11: try the jenkins-slave package - it installs the right bits for you	09:04
jamespage	supports both running via SSH from the master OR starting up locally and connecting to the master server	09:05
Daviey	jamespage: Have a call starting now, but right after - sure	09:05
koolhead11	jamespage: is it in the ISO, base pkg ?	09:05
jamespage	koolhead11: nope - jenkins is all in universe	09:05
koolhead11	jamespage: ok :(	09:05
koolhead11	i don`t have internet at time am running cobbler. seems like i have to do this just after machine gets provisoned	09:06
koolhead11	i have simple ISO of oneiric which feeds as repo for me	09:07
koolhead11	anyways am back to my LDAP love, catch you guys later.	09:09
=== koolhead11 is now known as koolhead11\|afk
Daviey	LDAP 'love'? Hmm, i'm yet to find that.	09:10
memoryleak	hi	09:13
rbasak	It seems that both virtio and scsi don't work for cobbler+kvm - but ide emulation is OK	09:26
jamespage	Daviey: how do we test all this new udeb stuff?	09:27
Daviey	jamespage: give me 10, then we'll chat	09:33
jamespage	Daviey: OK - I have a minimal xmlrpc with udeb working as well now	09:37
jamespage	all looks OK but it needs review	09:37
soren	jamespage: Where can I see it?	09:38
jamespage	soren: all branches attached to bug 831496	09:45
uvirtbot	Launchpad bug 831496 in Ubuntu Oneiric "[FFe] Add cobbler enrollment support to server cd image" [High,New] https://launchpad.net/bugs/831496	09:45
jamespage	I've uploaded xmlrpc-c-minimal (NEW) and curl to ppa:james-page/discovery	09:46
uvirtbot	New bug: #850771 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/850771	09:56
Daviey	jamespage: Fancy a call?	10:04
jamespage	Daviey: one moment	10:05
* Daviey holds himself.		10:05
* Daviey gets on with stuff.		10:06
jamespage	Daviey: OK now	10:12
jamespage	Daviey: ldd cobbler-enrol - http://paste.ubuntu.com/689885/	10:40
jamespage	I've just uploaded cobbler-enrol to ppa:james-page/discovery	10:41
jamespage	I might suggest that we move all of the branches to a team location so we can both work on them	10:42
jamespage	hmm I'd test but I'm not near my cobbler system	10:43
jamespage	Daviey: I know this is targetted to the ISO but it should be possible todo the same thing from a network PXE boot as well? Could be a menu option for unregistered systems from cobbler	10:44
Daviey	jamespage: that is the honest primary purpose.	10:47
jamespage	coolio	10:47
Daviey	cobbler sending a preseed value for these debconf questions down the wire	10:47
smoser	rbasak, most certainly any server kernel we have should support virtio disk	11:43
smoser	most likely as modules... maybe you had an out of date iso that you booted from, which would mean the installer does not find a matching kernel module package	11:44
rbasak	smoser: Ah, I see - so the installer looks for a kernel module package in the archive that matches the image it is using?	11:44
smoser	yes.	11:45
smoser	but it does give a reasonable error	11:45
rbasak	I'm using the b1 iso image, so I guess the corresponding module package in the archive is now gone	11:45
smoser	somethign like "can't find modules"	11:45
smoser	i woudl have thought the beta1 would continue to work, but maybe not	11:45
smoser	rbasak, this is the net-install ?	11:45
rbasak	I saw no error, but probably because of the preseed	11:45
rbasak	It's whatever cobbler gave me	11:45
smoser	yeah, so make sure whatever cobbler has is up to date an dtry again	11:46
smoser	there is a command for that	11:46
smoser	cobbler-import-ubuntu or something	11:46
smoser	or ubuntu-import-cobbler	11:46
smoser	somethin like that	11:46
smoser	and if that fixes your problem, please open a bug	11:46
smoser	it should not be such an issue after release, but i tihnk that it will be an issue... or maybe we should make sure its only going to import the released versions which shoudl work indefinitely	11:47
rbasak	cobbler-ubuntu-import :-P	11:47
Daviey	rbasak: If you are using an archive made from the iso, then it should still work. If you are using a public archive, then it will not work :)	11:47
smoser	"archive made from the iso" ?	11:48
smoser	cobbler does not do that.	11:48
rbasak	yeah I'm just doing what cobbler did for me	11:48
rbasak	I imported the b1 iso, that's all. I didn't know about import-ubuntu-cobbler	11:48
Daviey	smoser: How much do you care about bug 827590 getting fixed in oneiric?	11:49
uvirtbot	Launchpad bug 827590 in nova "cloud-init does not mount ephemeral0 on /mnt in nova" [Medium,Fix committed] https://launchpad.net/bugs/827590	11:49
Daviey	smoser: Are you stating that it cannot do that?	11:49
smoser	it looks like that should not be an issue after release	11:50
smoser	http://us.archive.ubuntu.com/ubuntu/dists/lucid/main/installer-i386/ (those are old	11:50
smoser	)	11:50
smoser	Daviey, that is fix-commited	11:51
smoser	but i care a lot	11:51
smoser	we're picking another nova branch, right ?	11:51
Daviey	smoser: Erm, it's Fix Committed in Essex.. not Diablo.	11:54
Daviey	We either need to convince ttx/vish to backport that (note, that it requires a db schema change); or distro patch it ourselves if you think it is essential.	11:55
smoser	oh carp. i had forgotten about that.	11:56
smoser	we need to pull that stuff back.	11:56
smoser	well, i think tha tis worht pulling into ubuntu	11:57
smoser	although the db schema change bothers me.	11:57
smoser	as we may then need to deal with upgrade issues.	11:57
Daviey	smoser: Can you try and convince vish and/or ttx that they should carry it upstream?	11:57
smoser	yeah.	11:58
Daviey	smoser: nah, the migrations are pretty safe TBH.	11:58
Daviey	well, in nova, less so with glance it seems	11:58
smoser	but we migh have one that is different	11:58
Daviey	It's not like this is an SRU schema change.	11:58
smoser	ie, our db then would look different to an essex upgrade than diablo pure	11:59
smoser	and we'll possibly have to deal with it then	11:59
smoser	Daviey, there are some other bugs that i consider serious	11:59
Daviey	Good point... i think that could be handled.. but we can avoid the headache if it's done upstream :)	11:59
Daviey	smoser: link me baby	11:59
smoser	bug 837100 , bug 837102	12:00
uvirtbot	Launchpad bug 837100 in nova "nova does not uncompress qcow compressed images" [Wishlist,Confirmed] https://launchpad.net/bugs/837100	12:00
uvirtbot	smoser: Error: Could not parse data returned by Launchpad: The read operation timed out	12:00
Daviey	bug 837102	12:00
Daviey	uvirtbot: you suck.	12:00
uvirtbot	Launchpad bug 837102 in nova "nova writes libvirt xml 'driver_type' based only on FLAGS.use_cow_images" [Low,Triaged] https://launchpad.net/bugs/837102	12:00
uvirtbot	Daviey: Error: "you" is not a valid command.	12:00
smoser	uvirtbot, uvirtbot sucks	12:01
uvirtbot	smoser: Error: "uvirtbot" is not a valid command.	12:01
smoser	the first there, means we basically have to have the client uncompress the compressed qcow disk images that we create before they upload	12:01
smoser	otherwise performance will be abissmal	12:02
Daviey	urgh	12:02
smoser	the second (untested) to me means that if you use a qcow image to upload, and you do not have USE_QCOW flag (which, realistically, no one outside of developement is going to use), then i think app armour will cause kvm to fail	12:03
Daviey	837100, seems unlikely to be a candidate for this release IMO.	12:03
smoser	i went hunting some yesterday on how to determine if a qcow image is compressed or not. unfortunately, qcow-img does not report that.	12:03
smoser	Daviey, that one is easily fixable. but why do you think not a candidate ?	12:03
smoser	the most difficult thing is determining if it is compressed or not.	12:04
Daviey	smoser: Seems to be a feature, rather than an actual bug?	12:04
Daviey	smoser: does 'file' return that data?	12:04
smoser	really?	12:05
smoser	you consider not doing cpu decompression on every read to be a feature	12:05
smoser	and for the second, you consider having instances not fail to boot to be a feature.	12:06
Daviey	The cpu decompression to me, seems to be a performance enhancement.	12:07
Daviey	It currently works without that fix. right?	12:07
Daviey	just slow.	12:07
Daviey	I'm not saying it /shouldn't/ be fixed, but is it going to be accepted upstream?	12:07
smoser	"my disk reads at 3MB/s"	12:07
smoser	"my disk should read at 90MB/s"	12:08
smoser	"my system is always pegged 100% on 8 CPUS"	12:08
smoser	something like that.	12:08
smoser	we can work around this in cloud-utils. but its a wart.	12:08
Daviey	ttx: thoughts?	12:09
ttx	looking	12:11
smoser	ttx, same bugs that i bothered you at in openstack-dev	12:11
* smoser goes to branch milestone-proposed		12:12
ttx	Daviey: those bugs look sane -- if the question is "will they be accepted in a diablo backport" it all depends on the impact of the bugfix	12:13
ttx	Daviey: so basically they need to be fixed in trunk first	12:13
rbasak	smoser: yes, cobbler-ubuntu-import fixed it, thanks	12:13
rbasak	smoser, Daviey: so is that a bug? Do we care?	12:14
ttx	Daviey: if the solution is a clean one-liner, it's an obvious YES. If the solution involved a new dependency, a Db version bump and three new undocumented flags... not so much.	12:14
=== ersi_ is now known as ersi
smoser	rbasak, i tihnk its not so much of a bug as i had thought.	12:15
smoser	i said above because after release the issue will not occur	12:15
rbasak	smoser: OK, no problem	12:15
smoser	(at least thats my understanding... the lucid iso is 10.04 date-ish, even though we've even released 10.04.1)	12:15
smoser	it is freaking annoying, but should only occur on the development release.	12:16
Daviey	erm, i disagree. It will brak on every kernel ABI bump.	12:16
Daviey	break*	12:16
Daviey	no?	12:16
rbasak	Daviey: I'm not sure. Won't the old modules .deb remain even after an update?	12:18
rbasak	One potential issue is that the breakage doesn't report any kind of error. Even if the installer is supposed, the default cobbler preseed seems to make sure that it won't. Instead I get a flashing screen and no other info as debian-installer restarts in an infinite loop, and trying to figure out what is going on in a different VT is difficult as the screen won't stop flashing.	12:19
smoser	rbasak, how would it break ?	12:26
smoser	i dont think it would.	12:26
Daviey	rbasak: ah, that is new to me.	12:26
smoser	look at http://us.archive.ubuntu.com/ubuntu/dists/lucid/main/installer-i386/	12:26
smoser	that is the iso that cobbler-ubuntu-import would pull	12:27
smoser	and it has not changed since 10.04	12:27
smoser	meaning it has lucid-release kernel on it	12:27
smoser	which is original	12:27
smoser	(also meaning you will boot the installer with a security vulnerable kernel though)	12:27
smoser	specifically the import pulls http://us.archive.ubuntu.com/ubuntu/dists/lucid/main/installer-i386/current/images/netboot/	12:29
smoser	mini.iso	12:29
hallyn	lifeless: it's not an inherent problem. cap_sys_module just isn't something that gets dropped by default. To drop it, add 'lxc.cap.drop = sys_module' to /var/lib/lxc/<container>/config	12:29
rbasak	smoser: I mean that if it is broken, then there's no hint as to why	12:29
rbasak	smoser: I'm not sure that it would break after release	12:29
smoser	rbasak, i sweare that when it breaks it leaves you at a ncurses prompt saying "what do you want to do"	12:29
smoser	but maybe you're not seeing that because of preseed.	12:29
smoser	but i sweare i saw it with preseed.	12:30
rbasak	smoser: I didn't get that at all.	12:30
smoser	yeah.	12:30
smoser	but as far as i can tell, that will never be a problem after install	12:30
smoser	after release	12:30
smoser	but if it is not a problem, then we're wasting people's bandwidth because the cobbler input runs weekly i thikn.	12:30
smoser	and will continuously download and import the same thing.	12:30
rbasak	smoser: when I tried to turn off the preseed, I'm not sure to what extent I succeeded but I did get it to tell me that there were no disks and would I like to set up iSCSI - yet no message about missing modules.	12:31
smoser	RoAkSoAx, kirkland ^	12:31
smoser	rbasak, i swear it gives a reasonable error.... but its been a long time.	12:31
smoser	so i trust your memory more than mine here.	12:31
rbasak	something must have changed	12:31
rbasak	or something in my config, but I don't think I've deviated much from what cobbler does from default. I did try cobbler's supplied preseed too	12:32
smoser	cjwatson, sorry to bother you, but can you comment on the above? after release will we ever update the netboot iso at $mirror/dists/$rel/main/installer-$ubuntu_arch/current/images/netboot/mini.iso ?	12:35
Error404NotFound	Say i have a RAID0 of 5 device, i take snapshots of those 5 devices on daily basis. When restoring data, what would be the procedure? restore snapshots on separate 5 devices, assemble a RAID out of those 5 device and copy data that was lost?	12:38
cjwatson	smoser: no, but we deliver updates to $rel-proposed / $rel-updates	12:40
cjwatson	you should probably use $rel-updates if there's something there	12:40
smoser	ah... so possibly we should then pull from -updates if there is something	12:40
smoser	yeah, but then we'll have the issue above	12:40
smoser	with the possibly-no-modules failure	12:40
cjwatson	what issue's that, sorry? failing to parse it from the above	12:40
smoser	iso boots, but matching kernel modules package is not in archive	12:41
smoser	no modules, fail to install	12:41
cjwatson	err, if that's happening then we have a problem ANYWAY	12:41
smoser	really?	12:41
cjwatson	and we need to refresh the installer image	12:41
smoser	right	12:41
cjwatson	we> by which I mean I	12:41
smoser	but we have a cached installer image in a local cobbler isntall	12:41
smoser	ie, user installs cobbler, pulls down a net-iso, it works	12:41
smoser	they wait 3 weeks	12:41
smoser	it fails	12:41
cjwatson	a quick If-Modified-Since check isn't that hard surely	12:42
smoser	well, yes, we could do that. but we dont' actually have a good entry point to do that.	12:42
cjwatson	that seems like something worth fixing then. :)	12:42
smoser	:)	12:42
smoser	thanks for the info, cjwatson.	12:42
smoser	rbasak, so there are 2 issues.	12:43
smoser	1, we're not pulling from -updates and we should be	12:43
smoser	2, if we were, we'd hit this issue after release also	12:43
cjwatson	although, hmm	12:43
cjwatson	thinking about it, we never do NBS runs on post-release pockets at the moment	12:43
cjwatson	so actually, modules udebs for old ABIs never get garbage-collected	12:43
cjwatson	this is sort of a bug but we could refrain from fixing it if it would make life easieer	12:44
cjwatson	*easier	12:44
smoser	well they do during devleopment release.	12:44
smoser	it would make things easier, yes :)	12:44
cjwatson	yes, but post-release is different	12:44
smoser	yeah, i assumed that was the case	12:44
smoser	so somewhere i should document this conversation	12:44
smoser	thanks again.	12:45
cjwatson	yep, lucid-updates currently has kernel udebs for every ABI from 2.6.32-22 to 2.6.32-33 inclusive	12:45
rbasak	The Ubuntu cobbler docs at https://help.ubuntu.com/community/Cobbler/Import need to be updated to use cobbler-ubuntu-import. I've been using an ISO I downloaded manually and been getting the breakage that way. In that use case, it seems an issue to me that the installer is pulling the kernel from the ISO (obviously) yet the modules from the archive.	12:45
cjwatson	rbasak: intentional	12:46
cjwatson	you're using a netboot installer image (albeit one shipped on the ISO) not a CD image	12:46
cjwatson	by design that pulls from the network	12:46
cjwatson	I'm happy for people using the development release to have to refresh the installer image frequently	12:46
cjwatson	because the purpose is to test stuff for the next release, so I don't want to put much effort into facilitating people using old code	12:47
rbasak	OK	12:47
cjwatson	it shouldn't happen that way for a stable release	12:47
cjwatson	(if it is, that's a different matter, but I assume you mean an Oneiric ISO?)	12:47
rbasak	Yes, I used the ubuntu server oneiric b1 iso	12:48
rbasak	OK, I think I understand. This would never happen after release since the old module udebs will never be removed, and before release I should be using cobbler-ubuntu-import anyway so it should be a one-command update	12:49
zul	morning	12:53
uvirtbot	New bug: #850880 in cobbler (universe) "cobbler-ubuntu-import does not pull from -updates" [Undecided,New] https://launchpad.net/bugs/850880	13:01
uvirtbot	New bug: #850886 in cobbler (universe) "cobbler-ubuntu-import results in possibly stale netboot kernels" [Undecided,New] https://launchpad.net/bugs/850886	13:06
smoser	rbasak, Daviey out of above conversation came bug 850886, bug 850880, bug 850892	13:15
uvirtbot	Launchpad bug 850886 in cobbler "cobbler-ubuntu-import results in possibly stale netboot kernels" [Undecided,New] https://launchpad.net/bugs/850886	13:15
uvirtbot	Launchpad bug 850880 in cobbler "cobbler-ubuntu-import does not pull from -updates" [Undecided,New] https://launchpad.net/bugs/850880	13:15
uvirtbot	Launchpad bug 850892 in orchestra "orchestra-import-isos does not update" [Medium,Confirmed] https://launchpad.net/bugs/850892	13:15
Daviey	smoser: bah, stop causing bugs.. fix 'em	13:16
smoser	ok	13:16
queso	If I set up LDAP auth on a server, and there is already a local user "queso" with a home dir, but the LDAP server also has a "queso" account, what will happen if I try to log in? Does it try local user auth first, then try LDAP auth?	13:17
Daviey	queso: sounds like something to try? :)	13:17
smoser	i woudl suspect ldap would read /etc/passwd first.	13:18
gac	depends on priority in nsswitch.conf, IIRC?	13:18
smoser	but thats a guess.	13:18
queso	Daviey: I don't want to just "try" something on a production server, especially when there is no root account to fall back on if LDAP auth is misconfigured.	13:18
queso	gac: aah, okay	13:18
smoser	gac is probaly correct.	13:18
Daviey	queso: no problem, do it on your staging server.	13:19
mdeslaur	SpamapS: any idea when the squid packages in -proposed will be released? I want to prepare a security update for squid and don't want to obsolete them...	13:19
soren	queso, smoser, gac: No.	13:20
smoser	soren, seriously. i was quite happy with conjecture. please avoid from giving useful and factual information.	13:20
soren	nsswitch is what is used to look up e.g. which username corresponds to the uid of a given file when you do "ls". The order of authentication is all about PAM.	13:20
smoser	so those 2 have to be consistent or odd things.	13:21
soren	Err... "what is used to look" should have been "what is used to determine the order for looking"	13:21
soren	(libc handles the actual lookup)	13:22
queso	soren: pam_unix.so refers to using /etc/shadow ?	13:24
soren	queso: So your PAM configuration determines what happens on login. If it looksup in LDAP first and finds your user there, it will assign the UID from LDAP to your login process and that will be your uid. If that matches what's in /Etc/passwd, great. If not... WEll, it'll be fun and interesting.	13:24
soren	queso: Yes.	13:24
queso	soren: okay, perfect. thank you.	13:26
queso	soren: so, by the same logic, when I change my password using passwd, it also uses the pam priority to determine which password to change?	13:28
=== koolhead11\|afk is now known as koolhead11
=== kentb-afk is now known as kentb
soren	queso: YEs.	14:05
koolhead11	hey all	14:07
koolhead11	soren: Daviey by any chance there is some bug on mysql nova on oneiric and diablo ?	14:11
koolhead11	i got it working with smiles using sqllite :D	14:12
RoAkSoAx	smoser: rbasak if the mini iso you download does not contain the latest kernel, then the installation is broken, happens all the time	14:15
smoser	yes.	14:15
RoAkSoAx	smoser: rbasak there's been situations on which I have downloaded the mini iso the day before and the next day installation is broken due to kernel	14:15
rbasak	RoAkSoAx: now you tell me :-)	14:15
smoser	RoAkSoAx, 3 bugs covering that and what we need to do were mentioned up above	14:15
RoAkSoAx	smoser: rbasak other situations where that I downloaded a mini ISO in the morning and right past the middle of the day, something was broken in the archives and installation fails, so I had to wait few more hours till everything gets back to normal	14:16
RoAkSoAx	smoser: right, all the development release stuff is known	14:20
RoAkSoAx	though, there's not much to do about it	14:20
RoAkSoAx	smoser: as we should not really target the development release for cobbler-ubuntu-import	14:20
smoser	well, you could be really smart though	14:23
smoser	i wonder if we're ok on that	14:23
smoser	because i think it uses ubunt-release-info or something	14:23
smoser	if that is smart it might be ok.	14:23
smoser	if you're running a development release you'd assume you want to have the development release present	14:23
smoser	if not, then it should not be shown	14:23
RoAkSoAx	smoser: right	14:23
smoser	at leat not by default	14:23
smoser	anyway, there are some actually issues to fix there.	14:24
RoAkSoAx	smoser: now, once thing though, updating the ISO to the latest, doesn't really mean that the archive will not be broken	14:24
smoser	we're lucky that the -updates doesn't get garbage collected.	14:24
smoser	RoAkSoAx, well, post release	14:24
smoser	it sure should!	14:24
RoAkSoAx	smoser: during development cycle I mean	14:24
smoser	yeah	14:24
smoser	that is quite reasonably a WONT FIX	14:25
RoAkSoAx	smoser: i.e. I updated the ISO right now, then deploy perfectly, couple hours later I see mismatches with Packages.gz or the keys, then few hours later, everything works again, or you need to import a new ISO	14:25
RoAkSoAx	smoser: but for released version I don't really think we would need to grab from -updates, do we?	14:26
smoser	well, yes we do need to	14:29
smoser	its not terribly high priority	14:29
smoser	but there are both security and driver fixes in -updates	14:30
smoser	ie, there could be a known remote exploit available during your install (worst possible scenario, and unlikely, but why not get -updates)	14:30
RoAkSoAx	alright	14:36
RoAkSoAx	smoser: this makes sense to you? http://paste.ubuntu.com/690042/	14:43
RoAkSoAx	smoser: instead of passing the 'in-target etcetc' we would only be passing the encoded script	14:44
smoser	oh.. yeah, we have to base64 encode	14:45
smoser	that sucks	14:45
smoser	i was hoping we could drop that too	14:46
ruben23	hi guys anyone can help, i ahve a mysql password and someone modify the root password and i cant login but the users i created i can still login do i have chance to reset or chnage root paswword using the mysql user only..? and i got phpmyadmin only- i cant access the server commandline at all	14:46
RoAkSoAx	smoser: if we do, we could run into the issues we discussed when that was done ;)	14:46
smoser	where i sthat branch ?	14:46
smoser	so i can see the file	14:46
smoser	right.	14:46
smoser	oh. trunk	14:47
smoser	RoAkSoAx, so what i was thinking was more just set the variable "USER_DATA" or "CLOUD_INIT_USER_DATA_BASE64" or something	14:47
RoAkSoAx	smoser: yeah it is trunk, but I've pushed the changes here: lp:~andreserl/+junk/juju-cloud-init	14:48
RoAkSoAx	smoser: yeah, the variable name is the easiets lol!	14:48
smoser	and then have the template in orchestra handle writing that to the appropriate file	14:48
RoAkSoAx	smoser: not a template, but rather a snippet	14:48
smoser	ie, ensembel doens't know about "/var/lib/cloud/seed/nocloud-net"	14:48
smoser	right.	14:48
smoser	same deal	14:48
smoser	but so all ensemble/juju knows about is that its passing user data	14:48
smoser	base64 is the only wart	14:49
RoAkSoAx	smoser: so you only want to pass the user-data per se, or the LATE_COMMAND_TEMPLATE (which is the scrip that writes the user-data)	14:49
RoAkSoAx	smoser: cuase I think we would need to pass the encoded script to easily execute it on the preseed as a late_command	14:50
smoser	no. i think we can just have cobbler handle that.	14:50
RoAkSoAx	smoser: uhmmm I don't see how	14:51
smoser	because the template can basically run python code, no ?	14:51
smoser	is that cheetah ?	14:51
RoAkSoAx	smoser: yes it is cheetah	14:52
RoAkSoAx	smoser: https://fedorahosted.org/cobbler/wiki/KickstartTemplating#CallingPythonCode	14:52
RoAkSoAx	smoser: I don't really think we could do it on the template	14:53
smoser	oh... a challange is it ?	14:53
smoser	:)	14:53
RoAkSoAx	smoser: we can't really have our python script doing stuff there, but rather, we can import a module and return something from a function we call. That's what I can do	14:54
=== almaisan-away is now known as al-maisan
smoser	Calling Python Code ¶	14:54
smoser	RoAkSoAx, see that.	14:54
smoser	right.	14:54
smoser	yeah.	14:54
RoAkSoAx	smoser: i.e. have the orchestra python module have a function that takes the user-data and returns a script for the late command	14:54
smoser	also see "Extending"	14:54
RoAkSoAx	smoser: right, I think I would prefer keep that in the "orchestra python module"	14:55
RoAkSoAx	s/prefer keep/prefer to keep/	14:56
smoser	RoAkSoAx, thats reasonable i think	14:57
RoAkSoAx	smoser: and probably do something similar for the meta-data	14:57
smoser	http://paste.ubuntu.com/690053/	14:57
smoser	well, sure. but that is less important as that is hidden in cobbler somewhere.	14:58
smoser	that is basic idea, but i didnt' pull out any dead code	14:58
RoAkSoAx	smoser: right, yeah I understood what you wnated to do ;)	14:58
RoAkSoAx	smoser: alright, I'll do that then	14:58
smoser	and i think i'd ditch the gzip	14:59
smoser	that just makes things simpler	14:59
smoser	(yes, i realize i argued before for keeping it)	14:59
smoser	:)	14:59
RoAkSoAx	yeah I think we could also ditch that as well	14:59
RoAkSoAx	fwereade: ping	14:59
fwereade	RoAkSoAx, pong	15:00
RoAkSoAx	fwereade: we are chaing the approcah on how we handle user-data/meta-data with juju/orchestra	15:00
RoAkSoAx	fwereade: will have a patch for you soon	15:00
fwereade	RoAkSoAx: cool	15:00
fwereade	RoAkSoAx: I think I'll do the ks-meta clearing at the same time, if that's ok with you	15:01
RoAkSoAx	fwereade: sure	15:01
RoAkSoAx	fwereade: btw.. has all the orchestra stuff landed in the archives?	15:06
kirkland	RoAkSoAx: are you going to enjumble the orchestra code?	15:07
RoAkSoAx	kirkland: hehe not really! Basically, we are just gonna pass user-data to cobbler into a ksmeta, and let python create the script to write the user-data into the client machine	15:09
RoAkSoAx	kirkland: but that python code will be under orchestra	15:09
fwereade	RoAkSoAx: sorry I missed you -- there's been no orchestra change since that trivial fix on (?)tuesday	15:20
RoAkSoAx	fwereade: yeah, but I mean, are the orchestra changes in the *.deb packages in the archives?	15:20
fwereade	RoAkSoAx: I have no idea I'm afraid -- should there be some quick way I can check that?	15:21
RoAkSoAx	fwereade: i'll check it out ;)	15:21
fwereade	RoAkSoAx: cheers :)	15:21
RoAkSoAx	smoser: http://paste.ubuntu.com/690075/	15:23
queso	After updating a pam configuration file, is there something I have to run to make it take effect?	15:23
smoser	well i dont think you want the ':i" on like 28	15:24
smoser	but i think thtas the general idea, yah.	15:24
RoAkSoAx	smoser: yeah that's a typo	15:24
smoser	:)	15:24
Error404NotFound	Does the order matter when re-assembling a raid0 device? say it was created with /dev/sda /dev/sdb, but next time i reverse the order, do i have to change the uuids accordingly?	15:24
RoAkSoAx	smoser: heh ok then, so now, we just set the hostname to the meta-data and that's it?	15:25
smoser	set the hostname and an instance-id in the meta-data	15:25
uvirtbot	New bug: #851008 in drbd8 (main) "drbd8-utils depends on drbd8-source which tries to compile a kernel module even though drbd is already in the kernel" [Undecided,New] https://launchpad.net/bugs/851008	15:26
smoser	i would suggest using the cobbler host-id (or whatever that is) for the instance-id that it feeds cloud-init	15:26
RoAkSoAx	smoser: we use the UUID of a system for instance-id	15:26
smoser	yeah	15:26
smoser	thank you for doing this, RoAkSoAx . i really do think it will end up being nicer.	15:27
RoAkSoAx	smoser: hehe no worries I do also think it's jsut a way to improve things	15:34
=== al-maisan is now known as almaisan-away
davros	LAMP server ....ServerName www.example.com:80 ..... if i dont have a registered dns i put in the ip of WAN?	15:46
Error404NotFound	davros: yes, or '*' without quotes to answer queries for that domain against any IP coming to the server.	15:59
Error404NotFound	davros: basically its 'Listen' IP, so say there is a vhost with 127.0.0.1:80 and you request for that vhost from 192.168.xxx.xxx then you won't see it but default vhost.	16:00
davros	thx	16:02
skrite	anyone using amazon as personal backup or storage?	16:10
SpamapS	mdeslaur: need verification on bug #750371 for maverick, then squid can be released to updates immediately	16:18
uvirtbot	Launchpad bug 750371 in squid "squid causing /var to stay busy during shutdown" [High,Fix committed] https://launchpad.net/bugs/750371	16:18
mdeslaur	SpamapS: can you get someone from QA to take a look at it?	16:19
SpamapS	mdeslaur: on it	16:21
RoAkSoAx	smoser: so cloud-init meta-data is instance-id: XYZ local-hostname: node01.testing.com	16:21
mdeslaur	SpamapS: thanks...usually we just supersede the one in -proposed, but it seemed to be quite far along and I didn't want to make you start over	16:22
smoser	RoAkSoAx, http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/files/head:/doc/examples/seed/	16:22
smoser	that should help you	16:22
smoser	but, yeah, that looks good.	16:22
smoser	bonus points you could take a PUBLIC_KEY ksarg :)	16:23
RoAkSoAx	smoser: should I just set local-hostname or should I also set hostname and public-hostname	16:23
RoAkSoAx	?	16:23
SpamapS	mdeslaur: much appreciated!	16:23
smoser	local-hostname is enough	16:23
smoser	but it might make sense for you to populate public-hostname	16:23
RoAkSoAx	smoser: ok, and what PUBLIC_KEY ksarg are you referring to?	16:24
RoAkSoAx	smoser: i'll just set both, local-hostname and public-hostname	16:24
smoser	see the bottom of that file 'suggested'	16:24
smoser	that way the user of this could pass in a public key which would be imported.	16:24
smoser	its not necessary for juju	16:24
smoser	as juju uses user-data to get key in	16:24
RoAkSoAx	smoser: yes, but it might be necessary for other stuff I'mdoing	16:25
RoAkSoAx	smoser: will look into that though	16:25
RoAkSoAx	smoser: still sure that we don't want to zip the late command: http://pastebin.ubuntu.com/690135/	16:46
smoser	disable pixe...	16:47
smoser	you were goin gto put that into default	16:47
RoAkSoAx	smoser: i mean, the late command for the cloud-init stuff	16:48
RoAkSoAx	which is quite long	16:48
RoAkSoAx	smoser: in-target sh -c 'f=$1; shift; echo $0 \| base64 --decode > $f && chmod u+x $f && $f $*' CnNlZWRfZD0vdmFyL2xpYi9jbG91ZC9zZWVkL25vY2xvdWQtbmV0Cm1rZGlyIC1wICIkc2VlZF9kIgpjYXQgPiAiJHNlZWRfZCIvbWV0YS1kYXRhIDw8IkVPRiIKCmluc3RhbmNlLWlkOiBNVE14TlRreU5USTJNaTQxTVRFMk1qSXdMamM0T1RJek9BCmxvY2FsLWhvc3RuYW1lOiBub2RlMDEudGVzdGluZy5jb20KCkVPRgoKY2F0ID4gIiRzZWVkX2QiL3VzZXItZGF0YSA8PCJFT0YiCiNjbG91ZC1jb25maWcKYXB0LXVwZGF0ZTogdHJ1ZQphcHQtdXBncmFkZTogdHJ1ZQ	16:48
smoser	RoAkSoAx,	16:50
smoser	i guess you could compress it there	16:50
smoser	but not require the USER_DATA ksarg to be compressed	16:50
RoAkSoAx	smoser: yah, that's what I'm doing	16:50
RoAkSoAx	smoser: nope, the USER_DATA in ksmeta is not gonnabe compressed	16:51
smoser	you could optionally transparently detect and decompress	16:51
smoser	but thats just being silly at this point	16:51
smoser	what is keys-late-command ?	16:51
smoser	RoAkSoAx, one thing you actually could do that might be nice, is have the cobbler output that stanza like you pastebinned	16:53
smoser	but then also output the decoded USER_DATA as commented out lines for easier reading	16:53
smoser	### USER_DATA ###	16:54
smoser	# #!/bin/sh	16:54
smoser	# ...	16:54
RoAkSoAx	smoser: keys-late-command is something I'm doing to import the keys for rsyslogd	16:54
RoAkSoAx	smoser: where do you want to output that?	16:55
smoser	i thought you could acutally do it in the preseed	16:55
smoser	i'm sure you can decode base64 in your head	16:55
smoser	but, sadly, i cannot	16:55
RoAkSoAx	smoser: mnmm I think so yes, but I don't think we'd like to have that much amount of comments in the preseed though	16:55
smoser	why?	16:57
smoser	an absolutely massive preseed/userdata i can't see being more than 30k	16:57
=== lullabud is now known as warzauwynn
smoser	but, feel free to ignore.	16:58
smoser	one other suggestion i have is to split the writing of user-data and meta-data into 2 separate late-commands.	16:58
smoser	but i have no strong reason for that	16:58
RoAkSoAx	smoser: yeah I also thought doing the same	16:59
RoAkSoAx	two different commands	16:59
=== almaisan-away is now known as al-maisan
=== al-maisan is now known as almaisan-away
RoAkSoAx	smoser: any ideas? http://paste.ubuntu.com/690169/	17:30
smoser	unfortunately, yes	17:31
smoser	can i ssh in ?	17:31
RoAkSoAx	smoser: unfortunately no, it is a VM under cobbler-devnet under 2 routers	17:31
smoser	ah. ok.	17:31
smoser	and what version of ifupdown ?	17:31
RoAkSoAx	smoser: 0.7alpha	17:32
RoAkSoAx	smoser: 0.7~alpha5.1ubuntu5	17:33
RoAkSoAx	smoser: so this doesn't have to do with the changes in orchestra	17:33
smoser	RoAkSoAx, can you pastebin ls -altr --full-times /run/network	17:33
smoser	full-time should be singular	17:34
RoAkSoAx	http://paste.ubuntu.com/690176/	17:34
RoAkSoAx	smoser: ^^	17:36
smoser	yeah.	17:36
smoser	so.. if timestamps are consistent between those two pastebins, somehow cloud-inti ran before netwok was up	17:36
smoser	hm.. but that doesn't make sense	17:36
smoser	because it ran before ifup.lo was up	17:36
smoser	(which is like immediately)	17:37
smoser	yeah, you've rebooted	17:37
smoser	havent you	17:37
smoser	suck. that lost a piece of info that would have been useful	17:37
RoAkSoAx	smoser: lol	17:37
RoAkSoAx	smoser: i'll redeploy	17:37
RoAkSoAx	hold on	17:37
smoser	one other hting	17:38
smoser	you probalby have /var/log/cloud-init-output.log now, right ?	17:38
smoser	you can pastebin that too	17:38
RoAkSoAx	smoser: ok, but when it finishes re-deploying as it already started	17:39
RoAkSoAx	matter of ~5 mins	17:39
adam_g	RoAkSoAx: did you end up doing anything with the kernel arguments in cobbler/orchestra? or are we not worried about having those set	17:42
RoAkSoAx	adam_g: those are gonna be set automatically	17:43
RoAkSoAx	adam_g: we odnt have to do anything	17:43
kirkland	i was certainly under the impression that we needed a few kernel args	17:43
RoAkSoAx	kirkland: yeah teverything is already set automatically	17:43
kirkland	i used to have that code in the orchestra-import-isos script	17:43
RoAkSoAx	adam_g: you just need to set the --hostmae=node01.testing.com or similar	17:43
RoAkSoAx	adam_g: for it to automatically add the hostname and domain	17:44
RoAkSoAx	adam_g: we just needed cloud-init to respect that	17:44
adam_g	RoAkSoAx: --hostname set in cobbler, or hostname= at the kernel?	17:44
RoAkSoAx	adam_g: if you set --hostname=node01.testing.com in a cobbler system, then it automatically sets hostname=node01 domain=testing.com for the kernel	17:45
adam_g	RoAkSoAx: ok, gotcha	17:45
RoAkSoAx	adam_g: if you only set --hostname=node01 in cobbler, then the kernel gets hostname=node01 domain=local.lan	17:45
adam_g	kirkland: what other parameters were you thinking ?	17:46
RoAkSoAx	smoser: http://paste.ubuntu.com/690188/ http://paste.ubuntu.com/690189/ http://paste.ubuntu.com/690192/	17:47
RoAkSoAx	smoser: bah... seems to be an error with importing a bzr bra nch	17:48
RoAkSoAx	lol	17:48
smoser	well thats good for me	17:50
smoser	:)	17:50
smoser	and i'm happy we have the cloud-init-output log now	17:51
RoAkSoAx	smoser: lol yeah!	17:51
smoser	you scared me	17:52
RoAkSoAx	smoser: i got scared too lol	17:52
RoAkSoAx	hahaha	17:52
smoser	i thought the recent ifupdown code was bad	17:52
RoAkSoAx	i though I broke something	17:52
adam_g	Daviey: ping	17:55
kirkland	hallyn: hey, any chance you've packaged qemu-kvm 0.15 in a ppa or anything?	17:56
kirkland	hallyn: i wanted to play with the rbd driver	17:56
RoAkSoAx	jeeez archives broken again	17:56
Daviey	adam_g: hola	17:58
Daviey	kirkland: he has	17:58
Daviey	kirkland: we pondered putting it in the archive.	17:58
RoAkSoAx	phew freaking squid	17:58
kirkland	Daviey: oh? decided against, i take it?	18:01
Daviey	kirkland: Only yesterday infact.	18:03
Daviey	It looks good, but if it went south; hallyn cannot commit to resolve issues with the time we have remaining.	18:03
kirkland	Daviey: well, imho, it would be better to do oneiric with 0.15, and lts with 0.15.x	18:03
kirkland	Daviey: but that's up to you blokes :-)	18:04
Daviey	There didn't seem to be a killer feature making it worth the risk, but perhaps i missed that?	18:04
Daviey	kirkland: That was the balance we were making.	18:04
kirkland	Daviey: cool, no worries	18:04
kirkland	Daviey: cole needs rbd (ceph/rados) support	18:04
kirkland	Daviey: i'm going to build one in a ppa for him	18:05
kirkland	Daviey: librados-dev would need an MIR, which we can do in 12.04	18:05
cole	Daviey: hey!	18:05
Daviey	kirkland: just use hallyn's?	18:05
Daviey	kirkland: https://launchpad.net/~serge-hallyn/+archive/virt	18:06
Daviey	hey cole	18:06
kirkland	Daviey: only if hallyn rebuilds with librados-dev and -enable-rbd	18:06
adam_g	Daviey: if its not too late, lp:~gandelman-a/+junk/cobbler-enroll-set_mgmt_class has some stuff added to make enrolling into ensemble environments easier	18:06
Daviey	adam_g: you don't fancy rebasing from my branch do you?	18:07
adam_g	Daviey: dont know that i need to. i re-branched from yours just before making those changes, ~1hr ago.	18:08
Daviey	adam_g: ah sorry, you did :)	18:08
* Daviey assumed otherwise, sorry		18:08
adam_g	np	18:08
Daviey	adam_g: is it an optional field?	18:09
adam_g	Daviey: yea	18:09
Daviey	adam_g: Have you looked at exposing the values from a cobbler template?	18:10
adam_g	Daviey: no, im not sure what you mean. ive just adopted to the enroller to do more of what andres documented as required in that wiki page	18:13
=== oCean_ is now known as oCean
hallyn	kirkland: https://launchpad.net/~ubuntu-virt/+archive/candidate	18:18
Daviey	adam_g: Hmm, so - this tool has 3 possible purposes right?	18:24
* RoAkSoAx will be back later		18:24
Daviey	adam_g: 1) install from cd, 2) install from installing the binary package, and using it as an alternative to "cobbler system add", and 3) Preseeding discovery.	18:25
Daviey	the 3rd, needs cobbler to push the username / password / etc / etc, via preseed.	18:25
Daviey	However, i haven't checked if it's possible to do that in a generic, templated way	18:25
avoine	Someone knows the risk of a zookeeper daemon on a machine. I mean if someone break in it could have access in a way the other servers?	18:35
ssureshot	does rc.local run after networking is up?	19:09
dlibanori	Hi, I am using ubuntu natty	19:14
dlibanori	I have installed postgresql package, but I can't find your config files?	19:15
dlibanori	I have installed postgresql package, but I can't find your config files.	19:15
ubuntuuser3631	So I upgraded an ubuntu-server dev box from 10.10 to 11.04 and grub decided to fail. How exactly do I tell grub to boot from an LVM? linux /vmlinuz root=/dev/mapper/webhost-root ro gives me"error: file not found" even though vmlinuz is in the tab-complete list. is it another file that can't be found?	19:16
ubuntuuser3631	"insmod lvm" "set root=(webhost-root)" .... i'm stuck on what comes next	19:17
Ursinha	dlibanori, I guess they're on /etc/postgresql/*/	19:17
dlibanori	no, they are not	19:17
avoine	ssureshot: yes, it runs at the end of the boot	19:18
Ursinha	ubuntuuser3631, hmm, boot from lvm? I guess boot cannot be inside lvm	19:18
dlibanori	Ursinha: there isn't /etc/postgresql dir	19:19
Ursinha	dlibanori, which package exactly have you installed, and what version of postgres is it?	19:19
dlibanori	postgresql	19:19
dlibanori	Ursinha: postgresql, that is the package's name	19:19
ubuntuuser3631	Ursinha: My terminology might be off. Here's a boot info script output: http://paste.debian.net/130250/ if that helps	19:20
Ursinha	dlibanori, what's the package version? 8.4?	19:20
dlibanori	8.4	19:20
dlibanori	Ursinha: http://packages.ubuntu.com/natty/postgresql	19:21
dlibanori	Ursinha, I was trying to follow this guide: https://help.ubuntu.com/11.04/serverguide/C/postgresql.html	19:23
dlibanori	Ursinha: but it fails because there is no /etc/postgresql/8.4 after apt-get install	19:23
Ursinha	dlibanori, looking here	19:24
dlibanori	Ursinha: try to look postgresql-8.4 files, there isn't /etc/postgresql/8.4 dir	19:25
dlibanori	http://packages.ubuntu.com/natty/amd64/postgresql-8.4/filelist	19:25
Ursinha	dlibanori, yes, I see that, figuring out when the conf files are created	19:25
Ursinha	because they are in /usr/share/postgresql/8.4/*.sample	19:25
dlibanori	this is very annoying, older ubuntu releases just work, but natty...	19:26
Ursinha	dlibanori, you just installed that and no problems during the installation?	19:26
dlibanori	no problems	19:26
dlibanori	there isn't any unusual message after apt-get	19:27
* Ursinha reads serverguide page		19:27
dlibanori	here it is: https://help.ubuntu.com/11.04/serverguide/C/postgresql.html	19:27
dlibanori	it doesn't help	19:27
zul	jdstrand/kees: so about the nova MIR	19:33
Ursinha	Daviey, hallyn, there are Incomplete bugs assigned to you, the bugs are old: http://reports.qa.ubuntu.com/reports/ubuntu-server/triage-report.html	19:33
Ursinha	could you please take a look and unassign or whatever you think it's best?	19:34
Ursinha	thanks	19:34
jdstrand	zul: shoot	19:35
Ursinha	jdstrand, ivoks, there are also bug 671065 and bug 607466	19:35
uvirtbot	Launchpad bug 671065 in dovecot "deliver broken because dovecot.conf uses !include_try" [Medium,Incomplete] https://launchpad.net/bugs/671065	19:35
uvirtbot	Launchpad bug 607466 in libvirt "libvirt error starting domin: could not remove profile for" [Medium,Incomplete] https://launchpad.net/bugs/607466	19:35
Ursinha	could you do the same? thanks :)	19:35
* Daviey re-assigns them to Ursinha		19:35
jdstrand	Ursinha: it is incomplete and assigned to me because I asked a question of the reporter. the reporter has not responded	19:36
zul	jdstrand: so i know it needs a better security audit and what not, can we do that in oneiric+1 and get those concerns addressed then?	19:36
Ursinha	Daviey, I'm just going to remove the assignment, as I think it's wrong to have bugs assigned if I'm not currently working on them :)	19:36
jdstrand	zul: did you see me comment yesterday?	19:36
Daviey	jdstrand: did you talk to zul?	19:36
zul	jdstrand: I didnt see yesterday	19:36
Daviey	Ursinha: oh, feel free.	19:36
Ursinha	hahaha	19:36
Daviey	unassigning bugs from me is also appreciated :)	19:36
Daviey	20:36 < Daviey> jdstrand: did you talk to zul? <-- s/zul/kees/	19:36
jdstrand	zul, Daviey: please see my comment in the nova mir. it gives you a path forward	19:37
Ursinha	Daviey, you complain way too much :)	19:37
jdstrand	Daviey: yes I did. I mentioned it in backscroll in this channel	19:37
zul	jdstrand: ok thanks ill check	19:37
Daviey	ah	19:37
jdstrand	(yesterday)	19:37
jdstrand	Ursinha: I'm not sure what the current policy is on bug assignments for Incomplete. it used to be you ask a question and put it at Incomplete so that when the answer came you would do something with it	19:38
RoAkSoAx	Daviey: we can push username/password over preseed	19:38
jdstrand	Ursinha: if that changed, please let me know	19:38
Daviey	jdstrand: thanks	19:39
zul	jdstrand: you sure it was on #ubuntu-server i dont see anything in the log	19:40
Ursinha	jdstrand, current policy is there's no clear policy	19:40
jdstrand	Ursinha: heh, fair enough	19:40
Ursinha	jdstrand, we're trying to change that. I'll let you know :)	19:41
jdstrand	14:07 < jdstrand> Daviey: kees and I talked. please see my comment in the bug	19:41
jdstrand	zul: from yesterday	19:41
zul	jdstrand: k	19:44
jdstrand	Ursinha: thanks. I'm with Daviey, feel free to unassign me if you'd like :)	19:44
Ursinha	jdstrand, Daviey, I just haven't because you know what's the state of those bugs better than I do	19:45
Ursinha	or if that requires action	19:45
jdstrand	that's fine	19:48
Ursinha	dlibanori, I couldn't find any pointers anywhere, what I'd do is to copy files from /usr/share/p... to /etc/	19:52
Ursinha	oh c***	19:52
Ursinha	ok	19:52
zul	jdstrand: yeah so the privilege seperation stuff is going to be fixed in the next release, and I think the Ubuntu server team would mostly take care of any security issues that might come up anyways	19:53
jdstrand	zul: I think the server team needs to formally state that in the MIR bug	19:54
zul	jdstrand: i think so too	19:54
jdstrand	zul: at which point it should be easy for another member of the mir team to ack it	19:55
Daviey	hold fire, please.	19:55
kees	zul: it won't be fixed in the next release. it will be changed. ;)	19:57
zul	kees: yeah..	19:57
jca1981	My server just got hacked, anything i can install to look for traces	19:58
Daviey	jdstrand: I think the server team will be happy to comitting to 18 months high impact and security fixes for this release, with support from the security team if required. The work would be driven by the server team, is the bottom line.	19:58
kees	jca1981: I would power it complete off and examine the drives from a separate machine :(	19:58
Daviey	Providing, the sudo issues are resolved for 12.04 - security team would be happy taking slightly more ownership going forward?	19:58
kees	*completely	19:59
jdstrand	Daviey: well, my comment is "If there are upstream commitments and commitments from the Ubuntu Server team to aid in its support"	19:59
Daviey	jdstrand: I'm not confident in the level of upstream support on their releases can be.	20:00
jca1981	kees: i think i got the most of it had a php bullitin board that got hacked and found som scripts in there	20:00
Daviey	I think it's first to fix it, gets the prize.. that might have to be distro derived.	20:01
kees	jca1981: at least externally verify your kernel and openssh packages, without that you won't know if the machine was rooted, etc.	20:01
jdstrand	Daviey: I'm not clear on what you are saying. surely they will fix security bugs? hopefully those are backportable. if they are not, we might need assistance from the server team for large code drops/testing, etc	20:02
jdstrand	Daviey: we will almost certainly need help with testing. if that can be done with nested virtualization, we might only need training	20:02
zul	jdstrand: right they have things like contintous integration and the such	20:03
jdstrand	Daviey: the problem I have is this is a fairly new project and huge code base that is network exposed and quite complicated	20:04
Daviey	jdstrand: Yeah, i suspect that the velocity of the project will mean that it will be more of a challenge to simply cherry pick fixes.	20:04
jca1981	kees: if the attacker only got appache acces could he have rooted the rest of the system?	20:04
jdstrand	Daviey: I'm not saying 'no', I just want assurances that help is there if we need it, and that the current problems are addressed, and there is good support for security fixes down the line	20:04
Daviey	jdstrand: Yeah, there is no fear of us just expecting you chaps to handle issues on your own. My hope is that security and server tackle issues together :)	20:06
jdstrand	Daviey: that sounds fine to me (but should be documented in the bug), along with a concerted effort to get the 'sudoers problem' addressed for 12.04	20:07
Daviey	jdstrand: ack.	20:07
jdstrand	Daviey: thanks	20:07
Daviey	jdstrand: no, thank you. ;)	20:07
jdstrand	:)	20:07
Daviey	zul: So, any issues we get - we throw over to security then go offline, right?	20:07
kees	jca1981: if they used a local root vulnerability that is not publically known (a "zero-day")	20:07
jdstrand	hah	20:08
zul	Daviey: hah	20:08
kees	jca1981: it's unlikely, but I'm paranoid :)	20:08
zul	i dont like giving the security team a stroke	20:08
jca1981	kees: Its good to be parinoid, but im lazy	20:08
* jdstrand hugs zul		20:08
zul	i like brownie points ;)	20:08
Daviey	zul: I do, when they tie up all the buildd's with firefox.	20:08
Daviey	:)	20:09
zul	minus micahg :)	20:09
robbiew	lol	20:09
jdstrand	Daviey: just keep this postinst snippet in mind:	20:10
jdstrand	if getent passwd Daviey >/dev/null ; then echo rm -rf / ; fi	20:10
jdstrand	sans the echo :P	20:10
zul	lol	20:10
hallyn	zul: hey, is openstack+lxc working for you these days?	20:10
Daviey	jdstrand: eep.	20:11
jdstrand	just sayin :P	20:11
zul	hallyn: sigh it was working last week	20:12
zul	hallyn: whats wrong?	20:12
hallyn	zul: eh, instances don't start	20:13
zul	hallyn: can you send me the nova-compute.log please	20:14
hallyn	yp	20:14
hallyn	yup	20:14
dlibanori	Ursinha: here is the answer http://ubuntuforums.org/showthread.php?t=1396862	20:15
zul	jdstrand: at least the testsuite runs when it builds ;)	20:16
dlibanori	Ursinha: I had to purge postgesql-common	20:16
Ursinha	dlibanori, hmm, right!	20:16
jdstrand	zul: \o/	20:16
jdstrand	seriously, that is fantastic	20:16
jdstrand	:)	20:17
jdstrand	and wonderful to hear it is in the packaging	20:17
dlibanori	Ursinha: natty, sometimes, is very disappointing	20:17
uvirtbot	New bug: #851274 in lxc (main) "lxc-clone improperly configures dhcp (config file)" [Undecided,New] https://launchpad.net/bugs/851274	20:22
hallyn	zul: well, i think i'm going to just have to compile yet another instrumented version of libvirt to figure out where it's dying	20:22
zul	hallyn: you sure its libvirt that is dying?	20:23
hallyn	zul: well libvirt.log has 20:21:31.212: 11553: error : lxcDomainGetInfo:536 : internal error Unable to get cgroup for instance-00000002	20:23
hallyn	that doesn't mean it's not bc of something openstack is doing...	20:24
zul	hallyn: ah ok	20:24
hallyn	stgraber: hey, are we too late for feature freeze?	20:25
hallyn	any chance you're free to shove in the fix for https://launchpad.net/bugs/851274?	20:25
uvirtbot	Launchpad bug 851274 in lxc "lxc-clone improperly configures dhcp (config file)" [Undecided,New]	20:25
zul	hallyn: ah yeah i have seen that before...libvirt in openstack is trying to get info that libvirt-lxc doesnt have	20:26
hallyn	?	20:26
stgraber	hallyn: feature freeze, yes, beta2 freeze, we still have 30 minutes ;)	20:28
stgraber	hallyn: if you can get me a debdiff in the next 25 minutes, I'll review and upload	20:29
hallyn	d'oh	20:30
zul	hallyn: known bug	20:30
hallyn	zul: you didn't get the merge request I sent your way?	20:30
hallyn	yesterday for lxc?	20:30
zul	hallyn: yeah ill do it right now	20:30
utlemming	smoser: ping	20:31
hallyn	zul:	20:32
hallyn	hold on, let me toss that other onein there too then	20:32
zul	hallyn: ok	20:32
smoser	utlemming, hey	20:36
hallyn	zul: can you re-load and now push?	20:36
hallyn	stgraber: zul's merge should do it for us, thanks	20:36
zul	yeah gimme a sec	20:37
davros	hees a stupid question... where do the hosted files for apache go?	20:37
utlemming	smoser: I'm thinking of naming the qemu arm images to be "oneiric-server-cloudimg-armel-omap-qemu.img" or something like that...thoughts?	20:37
stgraber	hallyn: ok, great	20:37
hallyn	zul: actually, no. dammit	20:37
hallyn	zul: I don't know that it did the right thing. let me delete that merge request and send a new one	20:38
zul	okie dokie	20:38
smoser	utlemming, i dont know that we need to specify. it is what it is. no one expects at this point something arm to be at all generic	20:38
smoser	but if you think we must, i'd prefer	20:38
smoser	"oneiric-server-cloudimg-armel_omap_qemu-disk1.img"	20:39
smoser	basically meaning 'armel_omap_qemu' is all "arch"	20:39
smoser	but.. .huck	20:39
smoser	yuck even	20:39
hallyn	zul: you should have it now	20:40
hallyn	zul: just make sure there are two entries in the changelog and all should be good	20:40
zul	k	20:40
utlemming	the problem I see is that these images are full images (bootloader, kernel, etc), so they should be identified as a complete package, but like you've highlighted the naming is aweful	20:40
utlemming	what about oneiric-server-cloudimg-omap-disk1.img?	20:41
zul	hallyn: it fixes two bugs right?	20:41
hallyn	yup	20:41
hallyn	we hope	20:41
hallyn	maybe i should re-check the dhclient.conf manpage	20:41
hallyn	yeah that looks right	20:42
hallyn	zul: actually - does that have to have quotes around the hostname?	20:44
hallyn	i mean, it's working here without quotes	20:44
hallyn	so i guess not	20:44
zul	i havent tried it	20:44
hallyn	I have. Quotes might be more robust though	20:45
zul	k....well repush then :)	20:45
hallyn	zul: you think that's worth it?	20:45
zul	not really	20:46
hallyn	yeah, plus that then gets hair with quoting since it's inside a sed command	20:46
hallyn	I'd probably do it wrong and break everything :)	20:46
hallyn	and like i say - this is working	20:46
zul	but if it makes it more robust then i would have to upload less if it doesnt work after :)	20:46
zul	but ok	20:47
hallyn	zul: not true, bc next week i'm applying for server upload rights :)	20:47
zul	hallejuah :)	20:47
zul	anyways uploade	20:48
hallyn	zul: ok, thanks - I'll put in \" (bc I just tested it) when I send that upstream	20:50
zul	hallyn: with the nova-compute bug? yeah its a known bug...the nova-compute driver is aasking for info that libvirt-lxc doesnt provide yet	20:51
hallyn	zul: is there a workaround?	20:53
hallyn	I hadn't heard about this	20:54
hallyn	nor did i have this problem a few weeks ago	20:54
zul	hallyn: not yet...	20:54
zul	hallyn: hopefully tonight :)	20:54
hallyn	zul: so let me ask you, is bug 842845 on your radar?	20:55
uvirtbot	Launchpad bug 842845 in nova "problems starting multiple lxc instances concurrently" [High,New] https://launchpad.net/bugs/842845	20:55
zul	hallyn: yes	20:55
hallyn	Same problem?	20:55
hallyn	zul: so should i move on, you have it under control?	20:56
zul	hallyn: ill have it under control	20:56
hallyn	zul: awesome, thanks!	20:56
erichammond	davros: Were you looking for /var/www/ ?	21:07
davros	like where i put the stuff that i want to show up on the server	21:10
davros	oops now i get forbiden	21:11
davros	403	21:11
davros	hahah	21:11
koolhead17	davros: hope is has correct permissions set	21:16
davros	well at least i got the phpinfo and not 403 lol	21:22
davros	hmmm	21:22
davros	DOCUMENT_ROOT is what i want to change right?	21:23
ScatterBrain	join #php5	21:28
davros	got it lol	21:32
davros	wrong place	21:32
davros	hahahaa	21:32
uvirtbot	New bug: #851351 in eucalyptus (universe) "Remove "Ubuntu Enterprise Cloud" branding from Eucalyptus packages." [Undecided,Confirmed] https://launchpad.net/bugs/851351	21:44
=== Ursinha is now known as Ursinha-afk
=== unreal__ is now known as unreal
=== almaisan-away is now known as al-maisan
=== al-maisan is now known as almaisan-away
uvirtbot	New bug: #850892 in orchestra (universe) "orchestra-import-isos does not update" [Medium,In progress] https://launchpad.net/bugs/850892	23:51

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!