Durg | hey guys, I posted this yesterday but didn't really get an answer - I'm not sure if this is the right place to ask this, but I'll take a random stab at it; I've got a theoretical question for you guys - I've got a SaaS type service that moves data from one point to another; sometimes, that data is behind a VPN. I've got multiple clients on a single server, so plugging that entire box | 01:34 |
---|---|---|
Durg | into the VPN isn't an ideal solution; do you guys think it'd be possible to connect an external "worker box" to the VPN and then connect through that box via a proxy connection? Would that work or am I pounding sand? | 01:34 |
twb` | That would depend on a bunch of things | 01:44 |
twb` | Like: is there a proxy available for the protocol in question? | 01:44 |
smoser | Daviey, where'd that come from ? | 02:01 |
Durg | twb`: typically, proxies can be configured for any TCP service yeah? | 02:38 |
jmarsden | Durg: No, application proxies are protocol specific by definition. | 02:39 |
twb` | Perhaps you should describe the service in more detail | 02:40 |
Durg | interesting | 02:42 |
Durg | it's essentially an API to API middleware app | 02:42 |
Durg | takes data from one enterprise system and moves it into another | 02:42 |
Durg | such as a CRM to an ERP, ERP to Fulfilment, etc | 02:42 |
Durg | but it's built around a SaaS model; completely hosted environment, so accessing on-site applications and databases that contain critical customer data is a significant challenge | 02:43 |
twb` | Is it using a custom layer 7 protocol, or is it layered on top of e.g. HTTP? | 02:43 |
Durg | HTTP | 02:43 |
twb` | Then in principle you could use something like squid or nginx as the proxy | 02:44 |
twb` | Although IIRC HTTP requires the client side to know it's going via a proxy, or for you to do dirty transparent proxy hacks | 02:44 |
Durg | well, essentially the goal is to be able to access network services and clients for single-use calls; that's why I thought a proxy option might work | 02:46 |
Durg | the back-end database I'm connecting to might be MSSQL, MySQL, Oracle, etc. or even file-based | 02:46 |
Durg | might not have an HTTP endpoint | 02:46 |
Patrickdk | isn't that what soap was made for? | 02:51 |
Durg | well, REST, SOAP, XMLRPC, but that requires the application to adapt to meet the middleware, not the other way around | 02:52 |
Durg | my second solution is to build a mini-instance that contains all of the network-specific code and can be accessed by a REST interface, but that raises my cost per client significantly compared to building 5 or 10 relay boxes for my entire network of clients | 02:54 |
twb` | I don't think I really understand the problem | 02:55 |
twb` | I'm not saying "there's no problem", I mean that I can't get my head around all the bits | 02:55 |
twb` | A network diagram and/or user stories would probably help | 02:55 |
Durg | unfortunately very few do, lol - it's my specialty field | 02:55 |
Durg | well, here's a use case, that might help | 02:56 |
twb` | Well, it's also that I don't do stuff like saas much | 02:57 |
Durg | Company ABC has MAS500, an on-premise based application with an MSSQL database for their finance system, which is blocked off by their firewall (for good reason, it contains critical financial data about the company) - they want to move sales orders from Salesforce.com (SaaS) into their MAS500 instance | 02:58 |
Durg | so it goes Salesforce -> DatixPanel.com (my middleware app) -> MAS500 | 02:58 |
Durg | from a low level standpoint, the concept is: | 02:59 |
Durg | Salesforce -> Message Processing Server - > Action Server (retrieves, transforms and sends data) -> VPN Tunnel -> MSSQL | 03:00 |
Durg | companies don't want to expose MSSQL through their firewall, because it would pose a significant security risk | 03:00 |
Durg | so the problem is, how do I get to MSSQL? | 03:01 |
twb` | Something like stunnel I guess | 03:02 |
twb` | Er, no, brain fart | 03:02 |
twb` | No, you know what, a properly secured TLS-encrypted version should be fine to allow through the firewall | 03:03 |
twb` | I mean that's how stuff like IMAPS and HTTPS work | 03:03 |
Durg | you know that, and I know that, but they don't want to admit that | 03:03 |
twb` | OK, so that's not allowed because <customer> is retarded? | 03:04 |
twb` | I mean plan A is "convince the customer to do it right" :P | 03:04 |
Durg | lol, of course, but my target audience is small to mid biz, not enterprise | 03:04 |
Durg | enterprise IT guys typically know that | 03:04 |
Durg | but small to mid are... frankly, idiots | 03:04 |
twb` | IME enterprise-level ones are the idiotest | 03:05 |
twb` | Two-thirds of SMEs will just do what you recommend | 03:05 |
Durg | well, that's not 100% false either | 03:05 |
Durg | but typically the CIO is more intelligent than not | 03:05 |
Durg | and they've typically done something like this with their data in the past | 03:05 |
twb` | Yeah right | 03:05 |
Durg | it's more about experience when I say 'intelligent' | 03:06 |
twb` | My dad was CIO for a multinational for a couple decades, and he doesn't know shit about the lower layers. | 03:06 |
Durg | I think that's part of the reason they're more willing to say go | 03:06 |
Durg | lol | 03:06 |
twb` | He deals with issues more like "how do I convince Cisco to give me a 60% discount" not issues like "why do we even need Cisco" | 03:06 |
Durg | yeah, that sounds typical | 03:07 |
Durg | just from my experience, I've had a lot less resistance from enterprise clients than SMEs | 03:07 |
twb` | I guess it depends on how much their guy trusts you, and whether he realizes that he doesn't know what he's talking about. | 03:07 |
Durg | well, the goal is to reduce the amount of end-client configuration to as low as possible; so setting up a PPTP login usually requires less effort | 03:09 |
Durg | unless I'm wrong about that? | 03:09 |
Durg | I'm a programmer, not a sysadmin | 03:09 |
Smaug | hey all, I'm looking for a good resource that explains how the permissions of directories affects access to subdirectories and files with differing permissions | 03:09 |
idlemind | smaug: you talking about permission inheritance? | 03:11 |
Smaug | idlemind: very possibly | 03:11 |
Smaug | sounds like it means what i'm after | 03:11 |
twb` | You can't have that with POSIX DAC | 03:12 |
Smaug | u have a resource for it? | 03:12 |
twb` | If you use something else, like POSIX ACLs, NTFS or NFS4 ACLs, then I guess so | 03:12 |
twb` | I've always put ACLs into the "too hard" basket. | 03:13 |
idlemind | see acl's i think are really important | 03:13 |
twb` | (Actually I tell a lie, there is one specific kind of inheritance you can have in POSIX DAC -- setgid dirs. But that's unlikely to be what you want.) | 03:13 |
Durg | and you guys just blew my little admin mind. | 03:13 |
Durg | lol | 03:13 |
idlemind | the fine grained options they give just outweigh the crap out of traditional owner / group / system perms | 03:14 |
twb` | idlemind: yes but then I have to learn how to use them | 03:14 |
idlemind | problem is they always come off as an afterthought in linux, the tools just don't seem to be there yet | 03:14 |
twb` | Personally I'd like to do it properly with grsec RBACs, but ICBF recompiling the kernel on all my hosts | 03:14 |
twb` | idlemind: yeah that's the other issue | 03:14 |
idlemind | smaug: https://help.ubuntu.com/community/FilePermissions | 03:18 |
idlemind | smaug you will probably want to look into using acl's | 03:18 |
twb` | AFAIK BCP is to use NFSv4 or NTFS acls; not POSIX acls. | 03:19 |
Smaug | idlemind: thanks for the link, but I'm not sure if that includes what i'm interested in. what I want to know is, if a directory has, for example, drwx------ and a file inside it has -rwxrwxrwx or whatever, what happens? can the file be read by a random user? or not since you can't get into the directory? | 03:31 |
Smaug | that sort of behavior | 03:31 |
Smaug | i'll look into ACLs | 03:32 |
idlemind | http://www.cyberciti.biz/tips/understanding-linux-unix-umask-value-usage.html | 03:32 |
Smaug | but from your discussion it appears that they don't always work? | 03:32 |
idlemind | it's an all or nothing type setting with the default rwx rwx rwx permissions as far as i know | 03:32 |
idlemind | so acl's (nfs v4 ones) may be your best option to make it behave more like the ntfs file perms you are most likely used to | 03:33 |
Smaug | idlemind: thanks for the link, it was helpful but also did not answer my question. i am not seeking to make ubuntu behave as ntfs, I am simply attempting to understand how it does behave so I can use it properly | 04:04 |
Smaug | the umask was a pretty interesting read and i thank you for it | 04:04 |
idlemind | smaug that's basically it | 04:04 |
idlemind | when you create a file it doesn't inherit permissions | 04:04 |
Smaug | one of the questions i am trying to answer, for example, is - if a directory has a set of permissions, how does that affect the permissions of the files inside | 04:04 |
Smaug | it | 04:04 |
Smaug | and if the directory does not affect the perms of the files inside it | 04:04 |
Smaug | what is the point of directory perms | 04:05 |
Smaug | do you have situations where you cannot cd to the directory but if you know the path of the file you can still access it? | 04:05 |
idlemind | 1. a directory's permissions do not affect the permissions of the files inside, only if you can view those files or not | 04:05 |
idlemind | well i guess i answered both there | 04:06 |
jmarsden | idlemind: True, but setting g+s affects ownership of files created inside the directory, though! | 04:06 |
Smaug | so is the answer to my second question yes? that surprises me | 04:07 |
jmarsden | Smaug: Yes, you can set things up so a user cannot read a directory to discover what files are in it, but if the user knows a filename they can read it. | 04:07 |
Smaug | hmm okay | 04:07 |
idlemind | well i do stand slightly corrected u+s and g+s would allow you to force inheritance for files created within a directory | 04:08 |
idlemind | so that may be something you want to research smaug | 04:08 |
Smaug | my end goal is being able to add a user to help with creating a website, without letting him have access to other, private parts of the server | 04:09 |
Smaug | like other sites of my own | 04:09 |
idlemind | o well that's simple | 04:09 |
idlemind | when you create the user don't give him a home directory (or assign his home to the web-sites root) and add that user to a group with your other users and assign that group the rwx you want on those files | 04:10 |
idlemind | you may want to then set the g+s on the web-sites root so that files that user creates inherits the group perms | 04:12 |
idlemind | ne who i gotta run | 04:12 |
idlemind | tty laters | 04:12 |
Smaug | thank you idlemind | 04:13 |
DanaG | Just got this oops on natty, when detaching a serial console from byobu: | 05:25 |
DanaG | http://pastebin.com/E0JU0nmg | 05:25 |
DanaG | Oddly enough, my znc is still running. | 05:26 |
DanaG | (10:25:03 PM) DanaG: Just got this oops on natty, when detaching a serial console from byobu: | 05:29 |
DanaG | (10:25:04 PM) DanaG: http://pastebin.com/E0JU0nmg | 05:29 |
ThomasB2k | How do I access the GRUB cli when on boot I'm taken directly into Ubuntu without a grub menu? | 06:24 |
twb` | Hol- oh, he's gone. | 06:31 |
twb` | Damn impatient kids | 06:31 |
s10loridr | i changed the ssh port on a 10.04 server, i can not connect to it with the new port (or old port) do i need to regenerate the keys on it after i change the port? I get a connection refused when trying to ssh into it now | 06:39 |
twb` | Host keys are not port-specific | 06:44 |
twb` | You probably forgot to deal with the firewall or something | 06:44 |
greppy | s10loridr: I would check the firewall, and you should be able to run on multiple ports for testing. Just add another "Port 2222" or whatever line, leaving the original "Port 22" there. | 06:49 |
s10loridr | actually i made a dumb mistake, was editing the wrong file | 06:49 |
s10loridr | i used the ssh_config by accident | 06:49 |
s10loridr | im an idiot | 06:49 |
s10loridr | all fixed now, thanks | 06:49 |
koolhead11 | hi a;l; | 06:56 |
koolhead11 | *all | 06:56 |
jamespage | morning all | 07:43 |
phretor | "error: invalid argument in libvirt was built without the 'gsx' driver" - any chance that I can connect virsh to a GSX hypervisor on 11.04? | 07:46 |
twb` | phretor: you can rebuild your own version | 07:51 |
phretor | twb`: well, I'd have preferred not to screw with the packaging system | 07:52 |
twb` | phretor: since 11.04 is released, you're unlikely to get a new version that has new features enabled | 07:52 |
phretor | I'm trying to migrate out from vmware | 07:52 |
twb` | Apparently GSX driver just backs onto HTTP, so I would guess it wasn't in 11.04 because it wasn't in that version of libvirt | 07:55 |
GeorgeJ | Hello folks | 08:04 |
GeorgeJ | My base installation of ubuntu server 11.04 seems to come with udhcpd as a default dhcp daemon. Can I change it to ISC? | 08:04 |
phretor | when I upgraded from 10.10 to 11.04, GRUB attempted to boot Xen DOM0. Does this have to do with the upgrade, or I installed Xen stuff by mistake? | 08:07 |
twb` | GeorgeJ: try apt-get install isc-dhcp-client | 08:08 |
GeorgeJ | Aye, just did so, I was just a bit confused because dhcpd3-server did not exist in /etc/init.d | 08:08 |
soren | phretor: You must have installed Xen. By mistake or not, I can't say :) | 08:09 |
soren | phretor: It's most certainly not part of the standard upgrade procedure. | 08:09 |
twb` | Didn't kernels recently get the ability to be dom0's OOTB ? | 08:09 |
soren | Yes. | 08:09 |
phretor | soren: I should go for libvirt/kvm instead, right? | 08:09 |
smb | Kernels, yes. But to boot in that mode you need xen-hypervisor | 08:09 |
soren | phretor: If you're not on ancient hardware, yes. | 08:10 |
twb` | just checking | 08:10 |
soren | twb`: Right, they can act as dom0, but you still need the Xen hypervisor to run first (which then in turn runs the dom0 kernel). | 08:10 |
phretor | soren: I've got a Dell PowerEdge 1950 with 8 cores and 8G of RAM. smb: what do you mean by "to boot in that mode"? | 08:10 |
smb | Normal upgrade should not pull that hypervisor package. | 08:11 |
soren | twb`: So a standard install can't function as a Xen host. You must manually choose to install the Xen hypervisor. | 08:11 |
smb | Unless somebody put it into a meta package that pulls it. | 08:11 |
soren | phretor: KVM is what I'd recommend for sure. | 08:11 |
Daviey | soren: I bought a server last year that oddly, Intel excluded virt extensions. | 08:11 |
Daviey | fairly modern CPU as well. | 08:11 |
soren | Daviey: True. | 08:12 |
smb | phretor, In that mode means the xen hypervisor is booted and loads a kernel as dom0 | 08:12 |
phretor | smb: maybe I installed xen on 10.10 and then disabled it and forgotten. And the upgrade simply reactivated it by mistake. | 08:12 |
soren | Daviey: They still produce new models that don't have the virt extensions. The feature support matrix of Intel processors is a massive clusterfuck. | 08:12 |
Daviey | smoser: slow reply, must have been an issue in my bundling. | 08:12 |
twb` | soren: that's for price differentiation | 08:13 |
soren | twb`: potato, potato. | 08:13 |
twb` | soren: like "$100 more for the VT version!!1!" | 08:13 |
twb` | It shits me that the only atoms that have VT are the poulsbos | 08:13 |
smb | phretor, Maybe. I have not checked really, but the last working xen hypervisor I know of in Ubuntu was 8.04. | 08:13 |
twb` | OTOH my main machine I'm switching to ARM this month, and I managed to get the only one that doesn't have SIMD (NEON) :-/// | 08:14 |
* smb misses a "was" | 08:14 | |
smb | Sorry not fully awake, yet | 08:14 |
soren | AMD gets this right. They don't mix and match features. Each new processor offers a superset of the features of its predecessor. There might be the odd exception to this rule, but it's just that: an odd exception. Intel offers virtually any combination. | 08:14 |
twb` | soren: I guess my point was just that it's a *deliberate* clusterfuck | 08:14 |
soren | twb`: True, and good point. | 08:15 |
phretor | smb: ah, true, I migrated all the way from 8.04 -> 8.10 -> 9.04 -> 9.10 -> 10.04 -> 10.10. | 08:15 |
smb | phretor, Ah ok. Hm, interesting to remember that xen can be that persistent... | 08:16 |
soren | Well, if you've had the hypervisor installed, but not had a kernel that could be a dom0, you're fine. | 08:17 |
Daviey | smb: I believe you are correct about 8.04 being the last working xen hypervisor release, which is why the buildd's never upgraded to Lucid. | 08:17 |
phretor | smb: http://paste.pocoo.org/show/478406/ | 08:17 |
Daviey | soren: I was rather unhappy.. i stopped checking virt extensions before purchase as it seemed they all had them now.. being left with a lemon made me cry. | 08:18 |
smb | Daviey, yep. And thats why they really like us to have something before Hardy goes out of service. :) | 08:18 |
soren | Now that the standard kernels can be a dom0, and you happen to have a hypervisor installed (which would have been useless for the past X releases), suddenly you'll boot into Xen. I guess this is something update-manager should warn about. | 08:18 |
Daviey | smb: Yep, which is why we single-handed pushed xen into mainline :P | 08:18 |
twb` | smb: good luck with that | 08:19 |
twb` | smb: wasn't xen axed in lucid, along with vserver and openvz? | 08:19 |
* twb` bitches about LXC not being ready in .32 | 08:19 | |
soren | twb`: It was axed right after hardy because it wasn't supportable (not being in mainline) | 08:19 |
soren | ...but now it's in mainline, so it's a different story. | 08:19 |
twb` | soren: non-LTS releases don't matter anyway | 08:20 |
twb` | They are just an ephemeral fog | 08:20 |
soren | twb`: Also, the dom0 kernel in Hardy wasn't in main. | 08:20 |
twb` | Nor was openvz or vserver, shrug | 08:20 |
smb | soren, phretor Maybe that is related to the old 3.1 hypervisor. On my test system with the 4,1 one there is a special grub entry for starting as xen and it is not the first thing | 08:20 |
twb` | And current lucid-security .32 has LXC support disabled to keep stupid vsftpd happy :-/ | 08:21 |
phretor | smb: that was 3.3 | 08:21 |
soren | twb`: whuh, really? | 08:21 |
twb` | yeah | 08:21 |
smb | twb`, Not so much axed as ignored as it was already enough pain to drag a patchset for getting a pv-ops domU | 08:21 |
twb` | Someone noticed that vsftpd used cgroups and DOSd it, so the "fix" was to disable cgroups (thus, no LXC), rather than to, I don't know, turn off that feature in vsftpd | 08:21 |
smb | soren, twb` It has net namespaces disabled | 08:22 |
twb` | smb: still annoying, because the upgrade path from hardy openvz was to lxc, which IMO isn't ready as at .32 | 08:22 |
Daviey | twb`: It's all very well identifying failings... people tend to come to UDS to help fix these things. ;) | 08:22 |
smb | Right, because you can create them quick but it takes about two seconds for each to get torn down in Lucid | 08:22 |
twb` | Daviey: go stick your head up a dead bear's bum :P | 08:22 |
Daviey | heh | 08:23 |
smb | twb`, The option would be to take one of the backport kernels | 08:23 |
twb` | smb: yeah, that's what I'm doing now, I just don't like it | 08:23 |
twb` | I would just prefer vsftpd be penalized for being stupid | 08:23 |
smb | Well, _if_ vsftp is the only thing | 08:23 |
smb | Which you never can say | 08:23 |
twb` | Yeah yeah, I know you're right | 08:24 |
twb` | I'm probably extra pissed off because the power outage that triggered the new .32 kernel happened at like 4AM sunday | 08:24 |
twb` | And it was totally unexpected that LXC would Just Not Work anymore after a kernel -n+1 update | 08:25 |
smb | twb`, Yes, I can understand that. I'd preferred to have had another option. Or at least a way to warn about the change | 08:27 |
twb` | I'm mainly just venting (again) | 08:27 |
twb` | FWIW libvirtd-bin has been doing OK, apart from ridiculous errors from the stupid broken virt-managers in lucid and natty | 08:28 |
twb` | e.g. apparently natty's v-m goes "oh, you are connecting as chris, I will just add /home/chris on the server, which has a root_squashed /home, as a VM volume. And then try to scan it all the time" | 08:29 |
soren | twb`: When was this kernel update, btw? | 08:29 |
twb` | Dunno, there's a ticket in LP about it | 08:29 |
twb` | [Bug 790863] Re: Unable to start lxc container after update to 2.6.32-32 | 08:30 |
uvirtbot | Launchpad bug 790863 in linux "Unable to start lxc container after update to 2.6.32-32" [Critical,Confirmed] https://launchpad.net/bugs/790863 | 08:30 |
soren | Oh, a long time agi. | 08:30 |
soren | ago, even. | 08:30 |
twb` | qemu/kvm and me are BFFs, tho. I can do ttyS0 and TFTP booting and stuff, /me love. | 08:32 |
soren | And looking at an architecture diagram of kvm doesn't make me facepalm unlike the equivalent for Xen. | 08:33 |
=== almaisan-away is now known as al-maisan | ||
twb` | Eh, isn't xen designed by the same people that try to use microkernels in the real world? | 08:33 |
soren | Xen is a microkernel. | 08:34 |
twb` | There you go then | 08:34 |
soren | But that's hardly the worst of it. | 08:34 |
stiv2k | is there a program that I can run on my server that will forward ports in my router via uPnP for me? so if I switch it between wireless / wired i dont need to manually change port forwarding settings... etc | 08:35 |
twb` | About as clever as hurd or ntoskrnl :P | 08:35 |
twb` | stiv2k: last time I looked, UPNP was basically a big hole that said "exploit me!". Do you really want that? | 08:35 |
stiv2k | twb`: i dont know much about that, can you elaborate | 08:35 |
twb` | I mean if you're doing port forwarding maybe you want more like SOCKS5 (ssh -D) or something | 08:36 |
stiv2k | twb`: its just to make the machine visible from behind a NAT device | 08:36 |
stiv2k | it happens to have a wireless card and i'd like to make it easier to switch between the two interfaces | 08:36 |
twb` | Oh one of THOSE. Is Ubuntu running on the router, or is it some crappy vendor-provided vxworks image? | 08:36 |
stiv2k | while still keeping the machine visible on the net | 08:37 |
stiv2k | it runs a custom fw | 08:37 |
twb` | Like OpenWRT? | 08:37 |
stiv2k | Tomato | 08:37 |
stiv2k | same idea | 08:37 |
twb` | Are the wifi and ethernet networks bridged together (on the router)? | 08:37 |
stiv2k | how to tell? | 08:37 |
twb` | Pastebin the output of "ip a" and "ip r" for each network | 08:38 |
twb` | If they're the same range (e.g. 192.168.0/24), then they're bridged | 08:38 |
twb` | Since you don't know, they probably are | 08:38 |
twb` | In which case, the easiest solution would just be to make sure you use the same IP address regardless of which interface you're using. | 08:39 |
stiv2k | hold on | 08:39 |
stiv2k | let me ssh in | 08:39 |
twb` | Failing that, rather than UPNP you could just ssh into tomato and use a shell script | 08:39 |
jamespage | Daviey: any chance you could sponsor the MP for bug 852019? | 08:40 |
uvirtbot | Launchpad bug 852019 in octopussy "Octopussy not installable due to renamed dependency" [High,In progress] https://launchpad.net/bugs/852019 | 08:40 |
stiv2k | twb`: the router has a lot of interfaces | 08:40 |
stiv2k | br0, eth0, eth1, lo, vlan0, vlan1 | 08:40 |
Daviey | jamespage: no, because i hate you. | 08:40 |
* jamespage is feeling the love this morning :-) | 08:41 | |
stiv2k | vlan1 has my public ip | 08:41 |
twb` | stiv2k: no, the interfaces on your laptop or whatever | 08:41 |
stiv2k | oh | 08:41 |
Daviey | jamespage: crappy weather for you as well? | 08:42 |
twb` | Something like http://paste.debian.net/130942/ | 08:42 |
jamespage | Daviey: meh - kinda average here | 08:42 |
stiv2k | twb`: wtf is ip a ? | 08:42 |
twb` | A command. | 08:42 |
twb` | Like "ifconfig" only not shit | 08:42 |
stiv2k | twb`: http://pastebin.com/GWRpJcNm | 08:43 |
stiv2k | hahaha | 08:43 |
stiv2k | i use wicd to connect to the wireless network | 08:44 |
twb` | stiv2k: yeah, OK, now check if when you switch to wired, it also gets a 192.168.1/24 address | 08:44 |
stiv2k | twb`: it does | 08:44 |
twb` | OK, so then just make sure you get the same IP on both | 08:44 |
stiv2k | hmm ok | 08:44 |
Daviey | great, LP seems OOPsy today :( | 08:44 |
twb` | Not at the same time; I mean whichever you're on, it is always (say) 192.168.1.10/24 | 08:44 |
stiv2k | what if the wired connection is plugged in and wireless is still on too? | 08:44 |
twb` | stiv2k: then it explodes | 08:45 |
twb` | stiv2k: but it should explode in that case anyway | 08:45 |
stiv2k | will the machine become unreachable | 08:45 |
stiv2k | to anyone | 08:45 |
twb` | Depends | 08:45 |
twb` | Probably something like RPF will just throw away half the packets | 08:45 |
stiv2k | what is RPF | 08:45 |
twb` | Magic | 08:46 |
twb` | Short version is: make sure you don't raise both networks at once | 08:46 |
stiv2k | there is a wireless switch on the machine | 08:46 |
twb` | (It *can* be done, but it's a huge pain in the arse and you don't want to do it.) | 08:46 |
stiv2k | i just need to remember to disable the wireless before plugging in the ethernet | 08:47 |
stiv2k | i should test it out | 08:47 |
stiv2k | i imagine it would still destroy all the existing connections | 08:48 |
stiv2k | meaning i would get kicked off irc and all my clients would get kicked off too | 08:49 |
stiv2k | ok here we go | 08:50 |
twb` | stiv2k: or script it to do so | 08:50 |
twb` | Something dirty like this http://paste.debian.net/130943/ | 08:52 |
stiv2k | hello | 08:55 |
stiv2k | i'm still here | 08:55 |
stiv2k | cool | 08:55 |
stiv2k | it worked, twb` | 08:55 |
stiv2k | twb`: how would i script the system to do that | 08:56 |
Markslap | Good day everyone. I'm trying to enable and use IPv6 on my Ubuntu Server 11.04-machine, I've tried to add my IPv6 address to eth0 (I still want to be able to use IPv4) and add the correct route, but nothing seems to work. And this https://wiki.ubuntu.com/IPv6 article did not help at all, it's just about tunneling. | 08:56 |
Markslap | And it's on the machine that the problem is, not the network. :) | 08:56 |
twb` | stiv2k: to do what? | 08:59 |
stiv2k | yo, wtf | 09:00 |
stiv2k | every time i plug in the cat5 cable, it gets a dynamic ip | 09:01 |
stiv2k | i have to do /etc/init.d/networking restart | 09:01 |
stiv2k | and THEN it gets the static ip i assigned it | 09:01 |
twb` | Markslap: you should already have an IPv6 address listed in "ip a", that is autonegotiated a la IPv4's zeroconf | 09:01 |
Markslap | inet 78.46.87.39/27 brd 78.46.87.63 scope global eth0 | 09:02 |
Markslap | inet6 2a01:4f8:120:14e1::10/64 scope global | 09:02 |
phretor | has anyone deployed openstack or eucalyptus on ubuntu yet and want to share thoughts? | 09:02 |
Markslap | Like that? | 09:02 |
twb` | Markslap: well, yes, that's your IPv6 address | 09:02 |
stiv2k | twb`: http://stats.stiv2k.info | 09:02 |
stiv2k | tell me you like my load averages | 09:03 |
twb` | stiv2k: doesn't work. You shouldn't be using PHP anyway | 09:03 |
stiv2k | huh | 09:03 |
stiv2k | so its not visible then | 09:03 |
stiv2k | whats not working? | 09:03 |
twb` | stiv2k: I get a response, but there's no load average there. | 09:03 |
stiv2k | what do you see? | 09:04 |
twb` | http://paste.debian.net/130947/ | 09:04 |
Markslap | twb`: Mkay, but when I tell Irssi to use that IP address I just get this error when trying to connect to an IPv6-enabled server: 11:04:21 -!- Irssi: Unable to connect server efnet.xs4all.nl port 6667 [No route to host] | 09:05 |
stiv2k | what...oh | 09:05 |
stiv2k | twb`: stop being a smart ass | 09:05 |
stiv2k | you could have just said "i dont have a browser" | 09:05 |
twb` | stiv2k: if you expect me to be using a browser with js, or css, or colour, or images, you are wrong. | 09:05 |
twb` | My browser implements HTML. That's it. | 09:05 |
stiv2k | lol | 09:05 |
stiv2k | so you can't look at like... 90% of the internet | 09:06 |
twb` | It means I have a nice consistent interface and you stupid webdevs can't fuck it up or spam me with ads | 09:06 |
twb` | stiv2k: yes, the 90% that is where 4chan and youtube and other useless time-wasters hang out | 09:06 |
twb` | technical and academic resources work just fine | 09:06 |
stiv2k | hehehe | 09:06 |
twb` | (Except blackboard, but that's retarded.) | 09:06 |
stiv2k | twb`: i use youtube for technical and academic resources all the time | 09:07 |
ersi | Now now, stop quibbling. You got different needs and tastes. | 09:07 |
twb` | IME there are no technical youtube videos where you can't just throw away the video stream | 09:07 |
twb` | In any case, mplayer can do youtube better than some silly browser | 09:07 |
twb` | ersi: right. It's just MY needs are more important :P | 09:08 |
stiv2k | lmao | 09:08 |
stiv2k | anyhow | 09:08 |
stiv2k | what i was saying earlier was | 09:08 |
stiv2k | can i write a script that will bring wlan0 down upon plugging in the ethernet cable | 09:08 |
stiv2k | or bring wlan0 up upon disconnecting it | 09:08 |
twb` | stiv2k: on plugging it in, or on DHCP completing? | 09:08 |
twb` | I showed you how to do the latter | 09:08 |
stiv2k | i dont use dhcp | 09:09 |
twb` | The former would go in /etc/network/if-up.d or so | 09:09 |
stiv2k | otherwise i wouldnt be able to get my port forwards to stay consistent | 09:09 |
twb` | Sure you woud | 09:09 |
twb` | *would | 09:09 |
stiv2k | explain? | 09:09 |
twb` | Just teach the DHCP server to supply the correct IP | 09:09 |
stiv2k | hmmm | 09:09 |
twb` | Admittedly that might be hard to make it send the same IP to both | 09:09 |
twb` | But failing that you could tell your DHCP client to refuse leases that don't match, and to specifically ask for the lease you want | 09:10 |
twb` | You'd have to make sure you released the lease on the old iface before switching, tho | 09:10 |
stiv2k | i think im going to finally fall asleep | 09:12 |
stiv2k | 5:12am | 09:12 |
twb` | Likewise | 09:12 |
koolhead11 | kim0: | 09:17 |
kim0 | koolhead11: hey man | 09:17 |
koolhead11 | came to know about this company called system76 they sell hw with only ubuntu as sw on it. :D | 09:18 |
koolhead11 | os | 09:19 |
koolhead11 | Daviey: hello | 09:20 |
kim0 | yeah some nice laptops there I guess :) | 09:21 |
Daviey | hey koolhead11 | 09:23 |
koolhead11 | kim0: they are selling servers too man. :D | 09:25 |
Daviey | rbasak: Fancy reviewing a branch for me please? | 09:51 |
rbasak | Daviey: sure | 09:52 |
Daviey | rbasak: it's updating the diff... but https://code.launchpad.net/~davewalker/ubuntu/oneiric/dnsmasq/add_dnsmasq-utils_package/+merge/75988 | 09:53 |
* rbasak waits | 09:57 | |
Daviey | maybe i borked it by requesting a merge before LP had scanned the branch | 09:58 |
koolhead11 | rbasak: hey | 10:11 |
rbasak | hey koolhead11 | 10:11 |
koolhead11 | how have you been? and is cobbler thing got solved for you? | 10:12 |
koolhead11 | rbasak: am waiting for your blog on same. :D | 10:14 |
rbasak | I got it working in the end, thanks. There were a few hurdles - remind me of the one you are thinking about? | 10:14 |
rbasak | Was it the installer not finding the disk and ending up in a loop? | 10:15 |
Daviey | jamespage: Do you fancy review and if suitable sponsoring, https://code.launchpad.net/~allison/ubuntu/oneiric/backuppc/bug-852484/+merge/75973 ? :) | 10:24 |
jamespage | Daviey: sure - lemme just finish up what I am working on | 10:25 |
Daviey | jamespage: no hurry. | 10:25 |
jamespage | Daviey: ack | 10:25 |
rbasak | Daviey: should I be testing the build? In principle it looks good to me. What's the purpose of the Conflicts: line, and if to stop it going with a previous version before the new package, then surely it should be against 2.58 and not 2.40? | 10:41 |
* rbasak isn't really sure how to go about doing a review here | 10:42 | |
Daviey | rbasak: My assumption was that the contrib script wasn't in <2.40. | 10:44 |
Daviey | rbasak: Is there anything cosmetic, does it build, does the new binary deb contain files you'd expect? | 10:45 |
Daviey | does the damn thing install? | 10:45 |
Daviey | pick a few of the above. | 10:45 |
rbasak | Daviey: but the contrib scripts are built in the source. What's that got to do with a binary dependency? | 10:45 |
Daviey | Tear me apart. kkthnx | 10:46 |
Daviey | rbasak: Yes, but i assumed the upstream source of <2.40 didn't include contrib/wrt/dh* | 10:46 |
Daviey | oh | 10:47 |
rbasak | yeah but why would one need a conflicts for that? A binary built from this source would have them | 10:47 |
Daviey | rbasak: honestly, i don't know.. perhaps <2.40 produced the same binary? | 10:47 |
Daviey | NFI, it's a change that came from the debian maintainer. | 10:48 |
rbasak | I don't suppose it matters | 10:48 |
Daviey | But good question, one that i now want to find out. | 10:48 |
rbasak | That was the one thing in the diff I didn't understand, that's all | 10:48 |
Daviey | rbasak: Great, so add a comment to the merge proposal, if you approved it - i'll upload it. If it turns out to be bad, i'll blame you.. thanks :) | 10:50 |
jamespage | Daviey: minor version bump with just bug fixes does not need a FFE right? | 10:50 |
Daviey | jamespage: correct-a-mundo. | 10:50 |
jamespage | coolio - lgtm - uploading now | 10:50 |
rbasak | Daviey: :-) | 10:50 |
Daviey | jamespage: rocking. | 10:50 |
rbasak | Daviey: I need to do a build test first though | 10:50 |
Daviey | jamespage: I raised the "Please Merge" bug and put that as a comment :P | 10:50 |
jamespage | doh! | 10:51 |
jamespage | missed that comment | 10:51 |
jamespage | Daviey: gah - not in the ubuntu-server packageset! | 10:52 |
nijaba | smile of the day http://www.datamation.com/news/tech-comics-finding-a-job-in-the-cloud-computing-era-1.html | 11:02 |
koolhead11 | nijaba: sysadmins will get it all if amazon goes for toss!! :D | 11:07 |
Daviey | jamespage: rly?! | 11:10 |
Daviey | jamespage: I was sure it was :/ | 11:10 |
Daviey | nijaba: heh | 11:11 |
jamespage | Daviey: backuppc_3.2.1-1ubuntu1_source.changes rejected | 11:12 |
jamespage | quack quack oooppps | 11:12 |
jamespage | normally check before I upload but not today :-) | 11:12 |
Daviey | rbasak: You'll notice that i didn't include the manpages as a patch. That package doesn't have a patching system, and i was hesitant to introduce one. So i included the manpages directly. The other thing i could have done, was put them in debian/ .. but I wanted to align as close as possible to the Debian package for easier future merge/syncing. | 11:12 |
Daviey | jamespage: yeah, it looks like a package we subscribe to for bug triage, but not in the damn package set. | 11:13 |
Daviey | jamespage: hurry up and get coredev :) | 11:13 |
jamespage | Daviey: thats not fixing the problem tho | 11:13 |
jamespage | there are quite a few I expected to be in the package-set which are not | 11:13 |
jamespage | I know that I'm currently the only 'just' ubuntu-server-dev | 11:14 |
jamespage | but I expect there to be more in the next 6 months | 11:14 |
Daviey | jamespage: This is a problem. :( | 11:14 |
Daviey | yeah. | 11:14 |
soren | jamespage: Do you have a list? | 11:14 |
Daviey | soren: of the packageset? | 11:14 |
soren | Of the delta between the packageset and the subscribed packages. | 11:14 |
soren | It shouldn't be a big deal to sort that out. | 11:15 |
jamespage | soren: I don't but I could generate one | 11:15 |
Daviey | soren: I do have a script i wrote to compare. | 11:15 |
jamespage | in which case I won't :-) | 11:16 |
soren | Daviey: so why is there still a delta? :) | 11:16 |
soren | This must have been a point of discussion before (otherwise why did you write that script?). | 11:16 |
Daviey | soren: The script was actually to produce the report, which is based on all packages in both the subscribed and packageset.. measuring the delta came as a freebie. | 11:17 |
soren | Ah. | 11:17 |
soren | Who signs off of additions to the packageset? | 11:17 |
Daviey | jamespage: at least you can upload gimp. | 11:17 |
soren | I forget. | 11:17 |
jamespage | w00t | 11:18 |
jamespage | I'm always doing that | 11:18 |
Daviey | soren: technically the TB, but i think cjwatson can throw stuff on there that is logical. | 11:18 |
Daviey | hmm, perhaps even the DMB. | 11:18 |
Daviey | ego, it's not clear. | 11:18 |
Daviey | ergo* | 11:18 |
soren | That's what I thought. | 11:19 |
jamespage | Can't we add them to some sort of seed that gets them in the right packageset (think I asked this question on -devel) | 11:19 |
Daviey | jamespage: Yeah, i think that is the expectation. | 11:19 |
Daviey | However, not all packages in the packageset should be seeded. | 11:20 |
cjwatson | false | 11:20 |
cjwatson | the ubuntu-server package set is constructed only of seeded packages | 11:20 |
Daviey | cjwatson: You don't think Server developers should have upload access to things like asterisk (universe)? | 11:20 |
cjwatson | I think (a) you should get it into main if your team is interested in maintaining it (b) I don't see why qualified server developers can't get MOTU | 11:20 |
soren | jamespage: Why can you upload gimp, by the way? | 11:21 |
Daviey | soren: we seed one of its binary packages. | 11:21 |
soren | *blink* | 11:21 |
soren | Erm. ok. | 11:21 |
Daviey | GUI-less image manipulation, think for PHP | 11:22 |
soren | Ah. | 11:22 |
* soren needs lunch | 11:22 | |
jamespage | that sounds like a good idea | 11:22 |
jamespage | Daviey: BTW eucalyptus-commons-ext now builds from source again | 11:23 |
jamespage | boy did that package make me feel dirty :-) | 11:23 |
Daviey | cjwatson: I agree, but it doesn't exactly make the packageset useful if you really need to have MOTU as well. | 11:23 |
Daviey | jamespage: \o/ | 11:23 |
cjwatson | I'm not happy with maintaining an arbitrarily extensible package list that has to be maintained by manual requests to me | 11:23 |
cjwatson | that sucks | 11:23 |
rbasak | Daviey: yeah the package doesn't really have anything does it? :) | 11:24 |
cjwatson | if you have broad enough capabilities to contribute to a wide range of packages in universe, get MOTU | 11:24 |
Daviey | cjwatson: Can it not also be linked to the packages the team subscribe to? | 11:24 |
cjwatson | far too little access control on subscribing a team to things | 11:24 |
cjwatson | I'm not at all happy with using that to grant upload access | 11:24 |
cjwatson | I want an audit trail | 11:25 |
uvirtbot | New bug: #853791 in chkrootkit (main) "chkutmp assert failure: *** stack smashing detected ***: ./chkutmp terminated (dup-of: 623144)" [Undecided,New] https://launchpad.net/bugs/853791 | 11:26 |
Daviey | cjwatson: IMHO ~ubuntu-server should not just be looking after things in main. ubuntu-server not having upload access to the things we claim to look after, feels wrong. | 11:27 |
cjwatson | it might be possible to construct an "interested" seed or something which is not considered for promotion to main | 11:27 |
Daviey | Especially as we want to try and grow contributors. | 11:27 |
Daviey | cjwatson: that sounds ideal | 11:28 |
cjwatson | the Ubuntu project as a whole wants to grow contributors | 11:28 |
cjwatson | I'd quite frankly be much happier with people targeting this kind of breadth going through the MOTU -> core-dev chain | 11:28 |
Daviey | cjwatson: Other corners of the project are not suffering from lack of contributors as we are. | 11:28 |
cjwatson | rather than being siloed off into ubuntu-server-dev | 11:28 |
cjwatson | jamespage is a classic example of somebody who historically would've had no problem with that | 11:29 |
Daviey | Well yes, but PPU's etc was created purely to give granular access.. when really, we are going to find that there is a subset of stuff people do not have access to. | 11:30 |
cjwatson | (PPU is different, let's not conflate) | 11:31 |
Daviey | In the current form, the packageset serves little purpose - other than a trial to make sure people do not mess up too badly, before going for broader sets. | 11:31 |
cjwatson | the problem is that server covers such a wide range of stuff | 11:31 |
cjwatson | honestly I'm not sure it's focused enough for a packageset, under the terms you want to apply | 11:31 |
Daviey | cjwatson: Do you think it would be better to just drop it, and try to mentor people into MOTU->CoreDev? | 11:32 |
cjwatson | I don't see it being significantly easier to demonstrate competence across such a package set than it would be to demonstrate competence across the archive | 11:32 |
cjwatson | I think it's useful for your team to be able to directly maintain the product you release; it's when it starts drifting out into universe without any obvious limit that I start getting itchy | 11:34 |
cjwatson | (FWIW I say the same thing to desktop people when they ask for universe packages to be added to their package set) | 11:34 |
Daviey | Yeah, there are a bunch of openstack packages that will be in Universe this cycle, which is really part of the server product - but not quite the same promise of security or stability, hence not pushing for main. | 11:35 |
cjwatson | honestly that kind of thing sounds like it should be part of a specific cloud package set to me | 11:35 |
Daviey | cjwatson: Well as it stands, cloud and server is one product. | 11:36 |
cjwatson | I want to keep the automatically-maintained-from-seeds package sets strictly separate from the manually-maintained ones (which isn't to say that they can't have the same access control) | 11:36 |
cjwatson | it gets completely unmanageable otherwise | 11:36 |
cjwatson | but manually-maintained sets do exist | 11:36 |
Daviey | Half of me is tempted to propose a UDS session for this, the other part wants this to just go away so we can get stuff done. :/ | 11:37 |
cjwatson | it's just a matter of defining sensible parameters for them and asking the DMB to authorise it | 11:37 |
cjwatson | the "just go away" option is to mentor staff through MOTU/core-dev so that none of it is an issue ... | 11:37 |
cjwatson | TBH | 11:37 |
Daviey | s/staff// | 11:37 |
cjwatson | I probably should have said "developers" | 11:37 |
soren | jamespage: eucalyptus-commons-ext? I thought the Eucalyptoids had assumed responsibility for the whole stack? | 11:46 |
jamespage | soren: me too | 11:47 |
jamespage | working through FTBFS's | 11:47 |
Daviey | soren: Oh they have.. but the contributions haven't been what we hoped. | 11:56 |
Daviey | I was convinced until last week that Euca in Oneiric wouldn't work, and natty users wouldn't have an upgrade path. | 11:56 |
Daviey | Well they would.. but it would be upgrade to disaster. | 11:57 |
soren | Daviey: Then you sprinkled a bit of pixie dust^W^W^W^W^Wput jamespage on the case? | 11:57 |
jamespage | well TBH it still does not work | 11:59 |
Daviey | Clint drove the upstream patch into Oneiric.. James Page fixed a few other things, and smoser did the dance. | 11:59 |
=== scar[w]_ is now known as scar[w] | ||
Daviey | jdstrand: IIUC bug 801299 is waiting for a decision from the security team if not using SSL by default is acceptable? | 12:13 |
uvirtbot | Launchpad bug 801299 in glance "[MIR]glance" [High,Incomplete] https://launchpad.net/bugs/801299 | 12:13 |
jamespage | Daviey: might be our euca issue - https://bugzilla.redhat.com/show_bug.cgi?id=663136 | 12:14 |
uvirtbot | bugzilla.redhat.com bug 663136 in bouncycastle "bouncycastle 1.45 incompatible with openssl 1.0." [Medium,Closed: errata] | 12:15 |
jamespage | we use 1.44 in Ubuntu | 12:15 |
smoser | Daviey, i now realize your "multiboot loading" message did in fact come from the "multiboot support" that I added to Eucalyptus. | 12:18 |
smoser | The context of Eucalyptus threw me for a loop as I didn't know how you would have hit that code in openstack | 12:18 |
smoser | (or anywhere else) | 12:18 |
Daviey | ahhhhhhhhh bouncycastle! | 12:19 |
Daviey | smoser: no, that pastebin was against nova.. | 12:19 |
smoser | hm... well then maybe i'm wrong about where the msg came from. | 12:19 |
Daviey | although, i suspect i might have been using your loader that was targeted for openstack | 12:19 |
Daviey | (i was using some old scripts.) | 12:19 |
smoser | as you most certainly should not hit that code path there. | 12:20 |
smoser | k | 12:20 |
Daviey | s/targeted for openstack/targeted for euca/ | 12:20 |
Daviey | jamespage: you think we need that patch? | 12:21 |
Daviey | jamespage: best not spend much longer investigating this.. post your findings to a bug, and invite upstream comment. | 12:21 |
jamespage | Daviey: OK - I was just trying to hack a later version in but it appears to have made no difference | 12:22 |
Daviey | :( | 12:22 |
jamespage | Daviey: updated bug 851611 | 12:25 |
uvirtbot | Launchpad bug 851611 in eucalyptus "Oneiric: Upgrade to 2.0.1+bzr1256 blocks" [High,Confirmed] https://launchpad.net/bugs/851611 | 12:26 |
Daviey | jamespage: rocking | 12:32 |
zul | morning | 12:44 |
Daviey | SpamapS: When you are alive, could you look at Ben's MP on bug 831628? Seemed you were close to it. | 13:08 |
uvirtbot | Launchpad bug 831628 in squid "squid upstart script doesn't check for filesystems" [Low,Fix committed] https://launchpad.net/bugs/831628 | 13:08 |
=== Ursinha is now known as Ursinha-brb | ||
kirkland | DanaG: is that oops reproducible? ie, does it happen every time you detach a serial console from byobu? | 13:23 |
kim0 | hmm, trying to get a KVM VM to PXE boot, it's not even trying to DHCP | 13:34 |
kim0 | I could almost swear I did that before | 13:34 |
kim0 | does that not work? | 13:34 |
soren | IT should. | 13:34 |
kim0 | Virt manager says "Network selection does not support PXE" besides a little red warning icon .. which is weird! | 13:35 |
kim0 | I'm using an isolated network, coz the other server is doing the PXE stuff | 13:35 |
zul | you have the boot roms installed right? | 13:36 |
kim0 | hmm | 13:36 |
kim0 | checking | 13:36 |
zul | in this case kvm-pxe | 13:37 |
kim0 | wasn't yay! | 13:37 |
kim0 | zul: thanks :) | 13:37 |
kim0 | alright my testing orchestra env working | 13:38 |
kim0 | hmm, I didn't use cobbler add, just PXE booted the VM, wonder what exactly is it loading :) | 13:39 |
kim0 | it's maxing the cpu as well | 13:39 |
m_tadeu | hi everyone...I'm trying to send mails with postfix+opendkim. my problem now is that mail that I send to hotmail goes to the junk box | 13:48 |
m_tadeu | analysing the headers a bit, I see a "sender-id=temperror". any idea what this means? | 13:49 |
zul | Daviey: can you review a branch for me? https://code.launchpad.net/~zulcss/glance/glance-add-group/+merge/76036 | 13:49 |
kim0 | the loading of pxelinux.0 is super slow (5 dots till now, each dot taking like 1 min) normal ? | 13:50 |
Daviey | zul: no purge target? | 13:54 |
zul | Daviey: point taken | 13:54 |
zul | Fixed | 13:56 |
ivoks | m_tadeu: https://help.ubuntu.com/community/Postfix/DKIM | 13:57 |
DanaG | kirkland: I'll have to check that serial console oops again, this evening. | 14:20 |
kirkland | DanaG: thanks! i'd be much obliged | 14:22 |
DanaG | Now, my Microserver has a jumper (that I added a button to), that'll inject an NMI into the system. Should be useful, if I can figure out how to make that trigger a crashdump. | 14:22 |
kirkland | DanaG: i've never tried byobu on a serial link | 14:22 |
klaas | is it possible that fdisk causes problems with the partition table of 2tb drives? | 14:22 |
DanaG | kirkland: Seems to work well as long as you avoid having things (like the clock) that update frequently. | 14:23 |
kirkland | DanaG: interesting; i should add that to the byobu manpage, then | 14:23 |
DanaG | I also seem to have to manually "eval resize" (no baxktixk on iPhone keyboard) from outside the console. | 14:24 |
DanaG | Hah, and it didn't autocorrect "backtick" typo. | 14:24 |
DanaG | I just wish HP had enabled the serial-over-LAN feature the chip on the remote-access card supports. | 14:28 |
DanaG | Actually, ncurses apps are sometimes odd on serial console. | 14:28 |
DanaG | I've seen aptitude just plain hang forever, before showing anything. | 14:29 |
jamespage | Daviey: does the asterisk merge need a FFE? | 14:29 |
DanaG | And same is true with byobu, I think. Sometimes I have to start it elsewhere, then reattach from console. | 14:30 |
dori922 | hey | 14:34 |
dori922 | im after posting a thread(http://ubuntuforums.org/showthread.php?p=11265788#post11265788), if anyone can help <3 | 14:35 |
uvirtbot | New bug: #853908 in m2crypto (main) "urllib.urlopen patch causes reading beyond last byte of https responses to take unreasonably long" [Undecided,New] https://launchpad.net/bugs/853908 | 14:36 |
kirkland | DanaG: interesting; tell you what ... if you add a few notes in a byobu bug about using byobu + serial, i'll consolidate them and add them to the manpage | 14:38 |
=== al-maisan is now known as almaisan-away | ||
DanaG | kirkland: I can do that, though I may have to do it another evening when I have more time. | 14:40 |
kirkland | DanaG: sure, no worries, no rush ;-) | 14:40 |
=== bdmurray_ is now known as bdmurray | ||
tdn | I recently held a party (wedding) with lots of guests taking pictures that they would like me to have. What software exists that I can apt-get install that allows my (non-computer savvy) guests to give me a copy of their pictures? I have a server that is on a public IP. Guests are probably using Mac and Windows. | 14:42 |
cloakable | hmmm | 14:49 |
=== Ursinha-brb is now known as Ursinha | ||
genii-around | tdn: Perhaps zoph ... although I have not used this myself, it looks promising | 14:53 |
jamespage | tdn: try gallery2 - I've not used it in a while but it used to be pretty good | 14:54 |
tdn | These two projects looks like web galleries. How do they help my guests send/upload me some files? | 14:55 |
sms_ | http://blog.zioup.org//2008/iptables_recent/ I'm trying to do this, but I get sudo iptables -A INPUT -t filter -i $OUTS -j DROP -m recent --set --name badguys --> Bad argument `DROP' | 14:57 |
genii-around | tdn: eg: You put some generic guest account which allows them to upload the wedding photos, give them the URL and password | 14:57 |
tdn | genii-around, can I be sure that gallery will not touch the files? I.e. make a lossy compression,etc.? Some of this is RAW data that I would like to keep. | 14:58 |
cloakable | ftp server with upload only for anonymous accounts? Windows will deal with FTP links automatically. | 15:01 |
tdn | If the users were savvy enough to know about FTP I would not have this problem. I think it must be web based. | 15:01 |
cloakable | they don't need to know about ftp | 15:02 |
cloakable | http://www.ncsu.edu/resnet/file_transfer/ftp-windows-explorer.php | 15:02 |
cloakable | Just give them an ftp link and windows explorer will do everything else | 15:03 |
tdn | cloakable, if that works it is nice. However, last I checked, Windows Explorer will not let you upload -- only download via FTP. | 15:03 |
tdn | Same with Firefox. | 15:03 |
cloakable | tdn: http://allwebco-templates.com/support/S_FTP_Windows.htm | 15:05 |
cloakable | can upload | 15:05 |
tdn | Ok. | 15:05 |
tdn | cloakable, thanks. | 15:05 |
tdn | Will try it. | 15:05 |
rbasak | Daviey: Won't your solution to bug 832507 cause all instances to share the same console.log, or am I missing something? | 15:05 |
uvirtbot | Launchpad bug 832507 in nova "console.log grows indefinitely" [High,In progress] https://launchpad.net/bugs/832507 | 15:05 |
cloakable | Well, handing a ftp://yourserver to your guests is pretty simple :) | 15:06 |
rbasak | Daviey: never mind: "You can create as many devices as you like. Internally, emlog uses the file's inode and device numbers to identify the buffer to which the file refers. " | 15:07 |
lynxman | morning fellas o/ | 16:10 |
Doonz | hey guys, i have a vps that i would like to use as a http/https proxy. can anyone recommend a guide i could follow on setting this up . the guides all deal with if the proxy server is on your local network. I would like to do this with the proxy server being external | 16:36 |
dori922 | im after posting a thread(http://ubuntuforums.org/showthread.php?p=11265788#post11265788), if anyone can help <3 | 16:38 |
SpamapS | Doonz: whats the purpose of the proxy? | 16:40 |
=== lullabud is now known as warzauwynn | ||
Daviey | rbasak: my solution for emlog cannot really be merged. I thought we had a new plan that you were driving? | 16:55 |
rbasak | Daviey: Yes, working on it now. | 16:55 |
Daviey | jamespage: the asterisk merge seemed to be a bug fix only release? | 16:56 |
jamespage | Daviey: yes | 16:56 |
Daviey | rbasak: awesome.. how close is it looking? | 16:56 |
Daviey | ttx: What is the cut off for bug fixes in diablo? | 16:56 |
Daviey | ttx: Will diablo have a -fixes (post release) branch? | 16:57 |
rbasak | Daviey: Not very close yet. I have a plan which is mostly complete. I haven't yet figured out how to manage the lifetime of the fifo reader | 16:58 |
Daviey | rbasak: the scheduled task? | 16:58 |
rbasak | Daviey: yeah - actually I think I can implement a better fifo reader without difficulty, but with either that or the scheduled task I need to know where to hook in to start and cancel the task | 16:59 |
rbasak | (I haven't finished digging through the nova code to my satisfaction yet) | 17:00 |
Doonz | SpamapS: bypassing geoblocking | 17:01 |
SpamapS | ttx: while we're discussing Diablo.. will bug 838419 be included? Its rather important to us. :) | 17:02 |
uvirtbot | Launchpad bug 838419 in nova "nova-compute crashes when applying a security group rule" [High,Fix committed] https://launchpad.net/bugs/838419 | 17:02 |
SpamapS | Doonz: in that case you probably just need to configure it to require some kind of authentication. | 17:03 |
Daviey | rbasak: I might be badly advising you, but nova/scheduler/zone_manager.py seems to be an example of a scheduled task. | 17:04 |
Daviey | i'm sure soren will take pleasure in correcting me, if I am wrong :) | 17:04 |
rbasak | Yeah I understand how to start and stop a scheduled task, and in fact I think rather than polling I know how to make it evented having looked at the eventlet docs. What I don't know yet is where to set up the task/thread and where to tear it down, since it's a per-instance thing | 17:05 |
koolhead17 | hi all | 17:12 |
Daviey | lynxman: what is the status of bug 653405? | 17:23 |
uvirtbot | Launchpad bug 653405 in rabbitmq-server "rabbitmq-server fails to start if hostname is unresolvable or has changed since first starting" [Undecided,Confirmed] https://launchpad.net/bugs/653405 | 17:23 |
Daviey | rbasak: seems you have it in hand! | 17:24 |
lynxman | Daviey: supposedly it should have been resolved by fixing the bug in Erlang or upgrading to a new version | 17:24 |
lynxman | Daviey: so we've been just avoiding the bug by going around it, no direct solution is desirable since the hostname is also used for the db filesystem structure | 17:24 |
SpamapS | I thought we updated erlang | 17:25 |
rbasak | Daviey: I'll figure it out. I'm not confident I'll have it in time for beta 2 though | 17:25 |
SpamapS | In fact, I updated erlang | 17:26 |
Daviey | rbasak: It's not urgent for beta 2.. but on the other hand, that is when openstack releases! So i am trying to find out if openstack will support a -fixes branch, or if we'll have to distro-patch it. | 17:26 |
rbasak | Daviey: Incidentally, today I discovered that this will be a nova+libvirt -specific fix. Although I think you might already know this. Some of the other drivers (eg. vmware) do other stuff. | 17:28 |
Daviey | rbasak: yeah, i don't care about that :P | 17:29 |
SpamapS | lynxman: I commented in the bug.. it should be "fixed" according to upstream which says that rabbit 2.2.0 and later, + erlang R14B, should solve the reported issue(s). | 17:30 |
lynxman | SpamapS: agreed, that's why it's hanging there and we're just going around it | 17:33 |
koolhead17 | hey all | 18:01 |
lynxman | hey koolhead17 o/ | 18:21 |
koolhead17 | lynxman: hello | 18:22 |
ttx | Daviey: tomorrow, and "no" | 19:39 |
robbiew | SpamapS: call time? | 20:01 |
SpamapS | robbiew: si | 20:04 |
zul | jdstrand: so glance and doesnt look like is going to have ssl supported in oneiric but it looks like it going to be in oneiric+1 can we treat it the same as nova? | 20:12 |
=== lickalott_ is now known as lickalott | ||
koolhead17 | zul: is openstack-dashboard going to be a pkg on diablo/ oneiric this time? | 20:17 |
zul | koolhead17: im trying | 20:18 |
koolhead17 | am thinking of trying it with source as i did in cactus, need to get it tested. Is it still stuck because of same bug? | 20:19 |
koolhead17 | zul: now in diablo everything is changed i heard, keystone API and stuff | 20:20 |
zul | koolhead17: pretty much.. | 20:22 |
koolhead17 | zul: so is it still stuck because of that python bug i remember. | 20:22 |
koolhead17 | Daviey: hey | 20:22 |
zul | koolhead17: what dashboard? | 20:23 |
koolhead17 | yeah | 20:23 |
zul | ill try | 20:24 |
jdstrand | zul: I need to review it more closely | 20:33 |
zul | jdstrand: k | 20:34 |
dioxin | I'm trying to get DHCP to function in Ubuntu but the package doesnt seem to install correctly | 20:49 |
lickalott | explain "doesn't seem to install correctly" | 20:52 |
dioxin | sorry I think I resolved it.... the default dhcp installed is isc-dhcp-server, not dhcp3-server | 20:53 |
dioxin | I was trying to follow directions for a different ubuntu version and expecting it not to have changed much | 20:53 |
bfreis | I have some trouble with Ubuntu Enterprise Cloud. I've managed to setup a cloud, but after a while, one of the node controllers won't work anymore. The "euca-describe-availability-zones verbose" command will show less resources available than the total (the difference correspond exactly to 1 node being down). In the logs, cc.log shows that the node controller didn't respond some requests, and in the node controller's axis2c.log I see "invalid | 20:58 |
bfreis | timestamp" problems. I've already installed and correctly configured NTP on the cloud controller and the node controllers, the time is perfectly synchronized. Still, I get these errors! I've googled for many hours, but no solution beyond "install ntp" has been proposed. Any ideas? | 20:58 |
bfreis | After booting the machine, everything goes back to normal | 21:04 |
SpamapS | wow.. the upstart jobs for eucalyptus are really.. really impossibly complicated | 21:09 |
SpamapS | bfreis: are you sure ntp is working? | 21:10 |
bfreis | SpamapS, ntpq -c peer on the NCs will show a very tiny offset | 21:11 |
bfreis | SpamapS, (right now it shows 0.084 us) | 21:12 |
SpamapS | bfreis: and still getting invalid timestamps? hrm | 21:12 |
bfreis | I've just rebooted the machine, now it works | 21:13 |
bfreis | but after a while, the problem will come back | 21:13 |
bfreis | I've checked other logs (syslog, dmesg, among many others) to see if there's something happening at the moment when the timestamp problem starts, but there's nothing! | 21:13 |
bfreis | it's getting worse. Less than 5 minutes after boot it stopped working again! | 21:14 |
bfreis | "rampart_timestamp_token.c(179) [rampart]Timestamp not valid: Created time is not valid" | 21:15 |
SpamapS | bfreis: is it possible that there is data causing the issue, not the current time? | 21:15 |
bfreis | SpamapS, hmm, I'm not sure I understand what you mean | 21:16 |
bfreis | The error specifically says "Timestamp not valid: Created time is not valid", and there's nothing running on the NCs. I've just installed them from the CD | 21:17 |
bfreis | Actually, the steps I did were: I installed the cloud controller / cluster controller / ... on one machine, then apt-get update, apt-get dist-upgrade, and reboot. | 21:17 |
bfreis | oh | 21:17 |
bfreis | before the reboot I installed ntp | 21:18 |
bfreis | Then I did exactly the same thing for the NCs | 21:18 |
bfreis | it's a clean, up to date installation | 21:18 |
SpamapS | interesting | 21:22 |
SpamapS | bfreis: have you tried stopping the ntp service and actually running 'ntpdate ip.of.other.box' ? | 21:24 |
SpamapS | bfreis: I know its only getting skewed after 5 minutes.. just wondering if its something weird with even small deviations | 21:25 |
bfreis | I've just did it, it says "adjust time server 10.20.200.1 offset 0.029159 sec", but the problem is still there | 21:25 |
bfreis | Is there any difference between running ntp (configured to use the other server) and ntpdate ? | 21:25 |
SpamapS | yes, ntpd will never repeat a second | 21:26 |
SpamapS | or sorry | 21:26 |
SpamapS | will never skip a second, it just shortens/lengthens them | 21:26 |
SpamapS | so it can take a *long* time to cross even short distances | 21:26 |
bfreis | hmm | 21:26 |
SpamapS | ntpdate shoves the time in | 21:26 |
bfreis | oh, it's working now | 21:26 |
bfreis | strange, very strange | 21:26 |
bfreis | do you have an idea of the maximum acceptable offset? | 21:27 |
bfreis | ntpdate said it corrected something around 20ms! it's nothing! | 21:27 |
SpamapS | No, but that would be a bug if it was less than 0.089us ;) | 21:27 |
bfreis | ahah | 21:27 |
SpamapS | It *might* be that one side is only allowed to be behind or ahead | 21:27 |
SpamapS | which would be stupid | 21:27 |
bfreis | actually, I think it is exactly that | 21:28 |
SpamapS | if so.. | 21:28 |
bfreis | ntpq -c peer | 21:28 |
SpamapS | hrm | 21:28 |
bfreis | on one node (the one that was not working) was showing "+" (or "-", can't remember) | 21:28 |
bfreis | the other, was showing the opposite offset | 21:28 |
uvirtbot | New bug: #574244 in etckeeper (main) "etckeeper hook breaks upgrade with "Argument list too long"" [High,Fix released] https://launchpad.net/bugs/574244 | 21:29 |
bfreis | Now I see: the NC that works shows a negative offset with respect to the cloud controller. The other one shows a positive offset | 21:29 |
bfreis | (both around tens of microseconds, nothing that is) | 21:29 |
bfreis | Is there a way to tell NTP to sync to an offset of the reference server? | 21:31 |
SpamapS | I'd bet there's an open bug about this already | 21:31 |
SpamapS | bfreis: that I don't know, but you could of course just cron ntpdate rather than use ntpd | 21:34 |
SpamapS | bfreis: still this sounds a little *crazy* | 21:34 |
SpamapS | bfreis: an offset of us is not a real enough offset given network latencies and the like.. it should be tolerant of many ms of offset either way | 21:34 |
bfreis | take a look here: http://wso2.org/project/wsf/php/1.1.0/docs/code-coverage/rampartc/src/util/.libs/rampart_timestamp_token.c.gcov.html | 21:35 |
bfreis | line 146 | 21:35 |
bfreis | a comment says: Check whether created is less than current time or not | 21:35 |
SpamapS | yeah | 21:36 |
SpamapS | that sux ;) | 21:36 |
bfreis | maybe that is the problem, it can be late, but not in the future | 21:36 |
bfreis | (or the other way round, it's just too confusing! lol) | 21:36 |
bfreis | I have no idea if this code is up to date, but is the only I could find googling for 5 seconds | 21:37 |
lynxman | Daviey: ping | 21:37 |
SpamapS | but really.. those are char fields.. | 21:37 |
SpamapS | so they are probably carrying too much precision | 21:38 |
bfreis | crap, it stopped working again | 21:41 |
=== TheEvilPhoenix is now known as TEP| | ||
=== TEP| is now known as TheEvilPhoenix | ||
bfreis | Well, the problem is really the time, that tiny positive deviation | 21:43 |
bfreis | I have no idea what to do! | 21:43 |
bfreis | What I'd really like to do is to comment out that code that checks for deviation :D | 21:43 |
bfreis | Where would be the better place to report this? Ubuntu? Eucalyptus? | 21:45 |
SpamapS | bfreis: I think thats part of axis2c but I'm not sure | 21:56 |
SpamapS | or maybe part of rampart? | 21:56 |
Daviey | lynxman: hey | 21:56 |
SpamapS | bfreis: yeah looks like rampart | 21:57 |
uvirtbot | New bug: #686625 in asterisk "attended transfer does not work in 10.04" [Undecided,Fix released] https://launchpad.net/bugs/686625 | 21:58 |
SpamapS | bfreis: are you maybe hitting this: http://open.eucalyptus.com/wiki/EucalyptusKnownBugs_v1.5.2 | 21:59 |
SpamapS | ? | 21:59 |
lynxman | Daviey: hey, one question, would you help me out if I had questions about merging puppet to 2.7.3? We're slightly behind debian and would like to try to make it for oneiric | 21:59 |
bfreis | SpamapS, no... | 21:59 |
bfreis | SpamapS, actually, when I see that error (which is not an error according to many sources on the net), it is when everything works! | 21:59 |
SpamapS | Oh.. doh | 22:00 |
SpamapS | bfreis: it's possible that the euca tools are sending a timestamp that is too accurate too.. not sure really. | 22:01 |
SpamapS | bfreis: anyway, you can probably patch it out of rampart.. but I don't know if it's a good idea, they put that validation in for a reason :p | 22:01 |
Daviey | lynxman: can you check out the final freeze exception process? Check the debian and upstream changelog delta, and try to do an analysis of what gain we get. | 22:02 |
Daviey | ? | 22:02 |
bfreis | damn! now the other NC has a positive offset, and is down! | 22:02 |
lynxman | Daviey: final freeze isn't until next week right? | 22:02 |
bfreis | How can people live with these problems?! | 22:03 |
bfreis | Unless I find a way to tell ntp or ntpdate to set the time to some negative offset of the reference time, my cloud won't work! | 22:03 |
Daviey | lynxman: well, as each day passes - the test it has to pass to be approved gets harder. | 22:03 |
Daviey | :) | 22:03 |
lynxman | Daviey: I like a challenge :) | 22:05 |
Daviey | heh | 22:05 |
SpamapS | utlemming: wow you've been a machine today working on those runlevel1 bugs. :) | 22:07 |
JoeCoder | Hello. I have this (https://gist.github.com/9268ef1dcd5875c025be) saved to /etc/iptables.rules. I rebooted my server and ran iptables --list , but nothing is listed. | 22:08 |
JoeCoder | I think I am missing a step? | 22:08 |
lynxman | Daviey: I'll try to get that merge proposal by today, to avoid running last minute | 22:08 |
utlemming | SpamapS: yeah, low hanging fruit that is easy | 22:08 |
Daviey | lynxman: well do the groundwork first to see if it is viable. | 22:09 |
Daviey | Would be a shame to do the merge for it to be nacked. | 22:09 |
lynxman | Daviey: yeah of course, no worries :) | 22:09 |
Daviey | SpamapS: btw, i tried your redshift debdiff.. it was kinda sneaky, having unrepresented binary changes.. | 22:10 |
Daviey | ie, make sure you don't base an upload on the debdiff. | 22:10 |
SpamapS | Daviey: huh? | 22:10 |
Daviey | *THE* reason i opened a debian bug to get them to update to the new upstream version was the geoclue support, and they failed to enable it.. oh joy. | 22:10 |
JoeCoder | what is the recommended way to load an iptables config file when the system starts? | 22:11 |
SpamapS | Daviey: Oh the debdiff. yeah I should have done a branch instead since it was an upstream release. | 22:11 |
SpamapS | Daviey: that debdiff was a result of bzr merge-upstream .. and its just been uploaded actually. ;) | 22:11 |
Daviey | SpamapS: well that isn't a big deal, but the translations are treated as binary files - making a debdiff suck.. grep for "Binary files" :/ | 22:12 |
SpamapS | Daviey: redshift suddenly not working anymore, and me forgetting about it, probably cost me 10 sleepless nights. :-/ | 22:12 |
Daviey | Yeah, i'm glad to have red burning my retina again :) | 22:13 |
SpamapS | Daviey: right, the debdiff was just me following FFE process. I did the changes in bzr branches, and the translations are properly included.. I think. | 22:13 |
Daviey | ah | 22:13 |
Daviey | super | 22:13 |
patdk-lap | joecoder, isn't that a rhel/centos thing? | 22:13 |
Daviey | well if debuild didn't report 'upstream changes should have used a patch' then you are good. | 22:13 |
JoeCoder | patdk-lap: I don't know. I just want to enable a firewall. | 22:14 |
patdk-lap | iptables-persistent - Simple package to set up iptables on boot | 22:14 |
JoeCoder | thanks. I'll check it out | 22:15 |
patdk-lap | ubuntu normally uses ufw? but it kind of has its own language | 22:16 |
JoeCoder | ufw? | 22:16 |
JoeCoder | are you talking about the language for the iptables.rules file? | 22:16 |
patdk-lap | it's slightly more advanced than iptables.rules, but not much | 22:16 |
JoeCoder | I had used this as a template: http://www.rackspace.com/knowledge_center/index.php/Sample_iptables_ruleset | 22:17 |
JoeCoder | will this format not work for ubuntu? | 22:18 |
patdk-lap | it's plain iptables | 22:18 |
JoeCoder | is it supposed to be plain iptables? | 22:18 |
patdk-lap | plain iptables can be a pain to work with though, after you get a few thousand lines | 22:18 |
patdk-lap | for iptables to use it, yes | 22:19 |
patdk-lap | for ufw, no | 22:19 |
JoeCoder | I don't plan on adding any more than I have? | 22:19 |
JoeCoder | Why would it need several thousand lines? | 22:19 |
patdk-lap | to control traffic between networks? | 22:19 |
patdk-lap | I have like 13 interfaces on that box | 22:20 |
JoeCoder | I have one box with a public and private network. | 22:20 |
JoeCoder | eth0 and eth1. I didn't plan on adding any firewall rules to eth1. | 22:20 |
JoeCoder | apt-get install iptables-persistent | 22:22 |
JoeCoder | after doing this there is no man entry for it, and no binary with this name. | 22:22 |
JoeCoder | I'm having trouble finding documentation. | 22:22 |
JoeCoder | perhaps it automatically keeps the current rules after a reboot? | 22:23 |
patdk-lap | google seems to work pretty good | 22:24 |
patdk-lap | http://www.ubuntucy.org/wiki/index.php/A_persistent_iptables_startup_script_for_Debian_based_systems | 22:24 |
JoeCoder | I read that and still didn't understand how to use it. | 22:24 |
JoeCoder | I put the config script at the bottom in /etc/init.d/iptables-persistent? | 22:25 |
JoeCoder | there seems to already be a completely different script at that location. | 22:25 |
JoeCoder | and it looks like that one loads from /etc/iptables/rules , so I'll put my config file there and reboot to see what happens. | 22:26 |
JoeCoder | still no luck. my iptables --list is empty | 22:28 |
JoeCoder | ubuntu doesn't allow empty lines in the config file. Removing those has fixed it and now persistence works. | 22:31 |
lynxman | smoser: ping | 22:42 |
hazmat | smoser, is the fix for bug 845155 in the openstack oneiric packages? | 22:42 |
uvirtbot | Launchpad bug 845155 in nova "instance launched without key has incorrect metadata" [Medium,Fix committed] https://launchpad.net/bugs/845155 | 22:42 |
lynxman | smoser: Concerning bug #845155 do you know if this is merged in the oneiric packages? | 22:42 |
lynxman | hazmat: jinx :D | 22:42 |
hazmat | lynxman, :-) | 22:42 |
uvirtbot | New bug: #571271 in cloud-init (main) "uec images should wait longer for metadata service" [High,Fix released] https://launchpad.net/bugs/571271 | 23:50 |