/srv/irclogs.ubuntu.com/2011/09/23/#ubuntu-server.txt

=== JoeGazz84 is now known as dorkus
=== dorkus is now known as JoeGazz84
rocioalguien habla español00:35
twb!es00:36
ubottuEn la mayoría de canales de Ubuntu se habla sólo en inglés. Si busca ayuda en español o charlar entra en el canal #ubuntu-es. Escribe "/join #ubuntu-es" (sin comillas) y dale a enter.00:36
twbSolo ingles in esta canal, por favor00:36
smoserDaviey, it seems that i cannot.00:58
smoser# euca-modify-image-attribute --launch-permission --add foof ami-0000003; echo $?00:58
smoserApiError: user or group not specified00:58
smoser100:58
smosernot a good error, because clearly a user or group *was* specified, but at least it exited non-zero00:58
rocioalguien????01:06
twbrocio: no.01:11
rocioque tal01:11
twbGRARGH02:33
twbhttp://paste.debian.net/131692/02:34
twbI am *REALLY* sick of ubuntu doing that02:34
twbI think it's because of that crap PATH setting moved from /etc/profile to pam_environment.so or something02:35
twb*because of that crap where02:35
twbBasically what happens is, if you ssh to root@<lucid host>, PATH is not set appropriately.02:36
=== medberry is now known as med_out
twbOK, I have an airgapped network.  I need NTP to work on it.  I cannot afford a cesium hardware clock, and I am not allowed to deploy a hardware clock that uses GPS.03:05
twbCurrently, the NTP server reports a stratum of 16, which I *think* is why the desktops are ignoring its time information.03:05
twbCan I simply tell NTP on the server to force its stratum to 3 ?03:06
CluelessPersonhow do I setup my server to allow for VMware?03:22
twbCluelessPerson: define "allow vmware"03:23
CluelessPersontwb, I'm learning about stuff, I don't know much about it, and I'm googling it and stuff, wondering if someone could tell me what they think03:23
twbThat is not a sufficient answer.03:25
CluelessPersontwb, What do I need to use it?03:25
CluelessPersonminimum specs?, etc03:25
CluelessPersontwb,  I have a headless ubuntu server.03:25
twbTo use what?03:26
CluelessPersontwb,  How do I handle virtualization?03:26
CluelessPersonI know OF it, but I odn't know it03:26
twbIs your actual goal something like "I want to learn how to make VMs"03:26
CluelessPersontwb, I think so. :p03:28
twbIn that case, don't use VMware03:29
twbThe technology you should be using is KVM, which is built into Linux.  The userspace component is also called "KVM" (based on "QEMU"), which is a CLI program.  There is an optional abstraction layer called "libvirt" to help manage VMs, and a GUI for that called "virt-manager".03:30
CluelessPersontwb, So if I wanted to run ubuntu -netbook on my netbook, and remote ui to a virtual os running in kvm on the server, what do you think of that?03:32
twbThe key hardware requirement for x86 and x86-64 systems is hardware VT03:32
twb13:32 <dpkg> To confirm if your processor supports x86 virtualization extensions. run: egrep -q -e '^flags.*vmx' -e '^flags.*svm' /proc/cpuinfo && echo 'virtualization extensions available'.  Note that Intel VT (IVT) support may be switched off in firmware for some implementations.  See also <virtualization>.03:32
CluelessPersontwb,   It tells me "virtualization extensiosn available"03:34
twbThen you are fine03:35
CluelessPersontwb,  so you suggest installing kvm03:35
twbYes.03:36
twbYou should read the Ubuntu Server Guide corresponding to your release.03:36
CluelessPersonon it03:37
Jasonnanyone know how to make user-specific disk space limits without making partitions in a user friendly way?04:29
qman__Jasonn, quotas04:38
Jasonnqman__: And can I use that to create them too04:38
Jasonnand if so, what is the command to do that04:38
AlecTaylorhi04:40
AlecTaylorHow do I stop the default VNC server of Ubuntu via CLI?04:40
qman__it requires extra packages, a quick google found this guide: http://www.debianadmin.com/implement-and-manage-disk-quotas-in-linux.html04:40
qman__AlecTaylor, ubuntu server does not have a VNC server by default04:41
AlecTaylorMine does!04:42
AlecTaylor:\04:42
JasonnAlecTaylor: killall *vnc*04:42
Jasonnqman__: thanks :)04:42
qman__ubuntu server does not have a GUI by default, either04:42
qman__a prerequisite to running VNC04:42
AlecTaylorJasonn: No process found04:44
qman__the point of this being, either you installed it and should know which one you installed, or you are not running ubuntu server04:44
JasonnAlecTaylor: sudo apt-get install htop && sudo htop04:44
Jasonnfind it there04:44
qman__you may be able to determine it with something like 'dpkg -l | grep vnc'04:44
AlecTaylorJasonn: htop? - Hmm, what does the h stand for?04:45
* AlecTaylor has ntop and top installed04:45
Jasonnits another prog04:45
AlecTaylorJasonn: htop? - Hmm, what does the h stand for?04:45
Jasonnimo, its the best one04:45
Jasonnits another prog04:45
Jasonnimo, its the best one04:45
AlecTaylorHmm, what does the h stand for?04:45
JasonnI dont know04:45
AlecTaylork04:45
Jasonnqman__: And what would the command be to set a limit of 1GB on user a ?04:46
Jasonnuser_a *04:46
qman__I don't know, see the man pages for the various quota programs04:48
qman__I'd start with quotaon04:48
qman__also, please disregard the webmin stuff, as webmin is not supported on ubuntu04:48
qman__I didn't notice that bit when I first linked04:49
qman__the rest applies04:49
Jasonnoh04:49
Jasonnalright04:49
Jasonnthanks :)04:49
AlecTaylorI'm controlling a VNC session through RDP (xrdp) remotely. How do I force a change in resolution to one not listed?04:49
Jasonntake out the host comp's monitorr04:50
AlecTaylor:P04:50
qman__you'd have to hack X up to include your desired video mode04:50
qman__but that's not really a question suited to this channel, since ubuntu server does not have a GUI by default04:51
twbAlecTaylor: iirc the h in htop is the author's first name initial04:51
AlecTaylorqman__: Using that logic, anyone with a non clean install of Ubuntu Server can't ask questions here?04:51
AlecTaylortwb: Ahh04:52
twbAlecTaylor: like, his name is Hagbard or whatever04:52
Jasonnqman__: ok, if you install this for me and make it work, I will let you use my dedicated server and give you like 50GB HDD space04:54
qman__AlecTaylor, not exactly, but X and GUIs in general are a very wide subject and are outside the scope of ubuntu server's typical, supported configurations04:54
qman__I didn't say it wasn't allowed, just not well suited04:54
qman__you'll have better luck elsewhere, in more X specific places04:55
qman__Jasonn, I appreciate the offer but I don't really need such a thing, and I unfortunately don't have time to help you in further detail right now04:59
qman__if you still need help saturday or sunday I may be able to04:59
Jasonnalright04:59
Jasonnthanks man :)04:59
AlecTaylorHow do I upgrade from 11.04 to 11.10?05:07
jmarsdenAlecTaylor: You wait for 11.10 to be released.05:08
twbjmarsden: say, do you run unbound?05:08
jmarsdentwb: No, sorry.05:08
twbOh well05:08
AlecTaylorjmarsden: So I can't upgrade to beta?05:09
twbAlecTaylor: if you have to ask, you shouldn't be running pre-releases05:09
AlecTaylorBut I want this package, only available in oneric: http://packages.ubuntu.com/oneiric/request-tracker405:09
jmarsdenSo backport it.05:09
jmarsdenMigrating to a a beta OS for one package is totally outrageously overkill...05:09
AlecTaylorHow to backport?05:10
* AlecTaylor thought it might be easier to upgrade rather than backport05:10
AlecTaylor!upgrade05:10
ubottuFor upgrading, see the instructions at https://help.ubuntu.com/community/UpgradeNotes - see also http://www.ubuntu.com/desktop/get-ubuntu/upgrade05:10
jmarsdenAlecTaylor: Download the package sources, rebuild the package under your current production OS, and install the resulting package.05:10
AlecTaylorEasier to upgrade methinks05:11
jmarsdenYou will note the advice in the first of your two links re betas is "skilled and confident users may wish to upgrade" .  if you were a skileld and confident user of Ubuntu Server, you would not be asking these questions.  Therefore, upgrading to a beta is, for you, a bad idea.05:12
JasonnAlecTaylor: yes, for a basic user to upgrade to a highly-unstable beta OS, sounds like a good idea to me :D05:13
jmarsdenThere is another option: patience.  11.10 will be released in October.05:13
AlecTaylorJasonn: It'll be released next month, so why not make upgrading easier for the WinAdmin who takes over?05:19
Jasonnwhy not wait a month and let him do it?05:19
AlecTaylorJasonn: Then he'd call me back in. I'm just doing 1 project, I don't want callbacks!05:24
Jasonnlol05:24
Jasonnyoud get paid more!05:25
AlecTaylorReputation would go down05:25
CluelessPersonSo I'm thinking05:40
CluelessPersonfrom inside this network, I could create my own private network with my router, server, and netbook, while my family resides on the outer shell.05:40
CluelessPersonmy server could act as an anonymolizing proxy to tor for all connections on whatever port05:41
CluelessPersonand my server could run vms, for various functions, including dummy vms that upon access could lock down the private network.05:42
CluelessPersonfor some reason I can't install java 6 on my ubuntu server07:12
ikoniadefine "can't"07:13
ersiCluelessPerson: Please detail what your troubles are. Not finding a suitable package? Getting complains from apt installing a specific package?07:15
CluelessPersoncan't find the package to install07:15
CluelessPersonsudo apt-get install sun-java6-bin07:15
CluelessPersonfails, can't find it07:15
ersi"sun-java6-jre - Sun Java(TM) Runtime Environment (JRE) 6 (architecture independent files)"?07:16
ersiOh. sun-java6-bin.07:16
ersiWhat specific error are you getting? That apt isn't finding it on the mirror?07:16
CluelessPersonersi, sudo add-apt-repository ppa:ferramroberto/java07:17
CluelessPerson"command not found"07:17
CluelessPersonlike, wtf.07:17
ersiUh.07:17
ersiThat package is available in the regular mirrors though07:18
ersiAtleast in 11.04.07:18
AlecTaylorThis upgrade is taking forever. How long is it meant to take to upgrade from 11.04 to 11.10?07:23
ikoniadepends on a lot of factors07:24
AlecTaylorHmm, what were the specs...07:24
ikonia(have a look on another terminal what processes are up to)07:24
ikoniawhat specs ?07:24
AlecTaylor2GB of RAM07:24
AlecTaylor2 processors07:25
AlecTaylorSo about how long? (estimate)07:25
ikoniayou can't estimate07:25
AlecTaylorCurrently installing ubufox07:25
AlecTaylorIs it in alphabetical install order?07:25
ikoniahave a look in antoher terminal if any processes are hung07:25
ikoniaor if anything's going on07:25
AlecTaylorNothings hung, it's progressing07:25
AlecTaylorJust want to know how much longer I need to wait07:26
ikoniathere we go then, so sit tight07:26
AlecTaylorYay, up to "Setting up" stage, after 1 or 2 hours07:26
AlecTaylor:D07:26
ersiAlecTaylor: Packing up packages and putting them in their places can take a while.07:27
AlecTaylorWhat are they, union workers?07:27
ersiWithout the breaks, and it works for free.07:28
ersiAnd doesn't mind worse conditions07:28
ersiSo I guess.. No :P07:28
AlecTaylorhehe07:32
* AlecTaylor can't wait any longer, time to watch some more anime!07:32
ersiSounds like a good distraction :]07:33
AlecTaylorHmm, PostgreSQL upgrading to 9.1 from 8 but 8 db server still running07:42
AlecTaylorstrange07:42
sorenAlecTaylor: It depends on how much stuff is installed on the system being upgraded.08:02
sorenAlecTaylor: ...and how fast the machine is.08:02
AlecTaylorIt's currently at the remove redundant apps stage08:02
CluelessPersondoes anyone here play minecraft?08:02
CluelessPersonI need help with an init script08:03
AlecTaylorWOOT - Restart stage08:03
CluelessPersonI'm looking for an init script that uses ramdisk and backups08:03
Davieyadam_g_: are you alive?08:14
SpamapSDaviey: he may not be, but I am.. :-P08:15
SpamapS3 nights in a row of severe onset insomnia brought on by late coffee ingestion .. :-P08:15
DavieySpamapS: heh, good to see your dedication :)08:18
SpamapSMostly just tweaking my demo toy so I'll look smart with Jane and Jorge on stage at ODS :)08:18
DavieySpamapS: non-shared storage instance migration is working \o/08:19
Davieywhich is perfect for rebooting compute nodes \o/08:19
DavieySpamapS: Ah, so you'll get the blame when i goes wrong? :)08:19
DavieyYou keep signing up to stuff that'll backfire >:)08:20
SpamapSNo, I'm preparing to throw rbasak under the bus. New guys are always at fault.08:20
DavieyTrue.08:20
rbasak:-(08:20
SpamapSThankfully JamesPage stepped right in the pile of euca after I stepped in it.. :)08:20
SpamapSrbasak: buck up.. its only a 5 minute demo.. I'm sure they'll just give you a warning for screwing it up. ;)08:21
AlecTaylorI've got no screens. I've tried apt-get remove ubuntu-desktop, apt-get remove xauth. I then rebooted and reinstalled them. I still can't startx due to no screens being found. What's next?08:21
rbasakHmm, maybe it's a good thing I'm not going to ODS :)08:21
SpamapS"If only rbasak would have showed up, we could have had a good demo."08:22
jamespageSpamapS: I noticed your footprint just as I did :-)08:22
rbasaklol08:22
rbasakDaviey: qemu-nbd: Could not access '/dev/nbd15': No such file or directory08:24
rbasakDaviey: what was the fix for that?08:24
jamespageSpamapS, other than whats in PPA whats the current state of Cassandra packaging?08:29
jamespageor is that it?08:29
Davieyrbasak: NFI08:31
* rbasak reboots08:31
AlecTaylorI can't ping google via its hostname. When I try via its IP Address I get "Packet filtered" errors08:31
ersiAlecTaylor: Well, what have you done? Just apt-get remove and apt-get upgrade a lot of stuff? Did you have Networkmanager taking care of your connections before? (You're converting from a desktop install to a server install?) Have you configured any interfaces in /etc/network/interfaces?08:39
rbasakDaviey: you were right, libvirt is hanging because it's trying to open the fifo08:40
DavieyGah08:45
Davieyrbasak: does echo > fifo unblock it ?08:46
rbasakDaviey: yep. Well "cat > fifo" does.08:46
rbasak(so just the open, no write required)08:46
rbasakI'm just trying a workaround by having my logger hold it open for write :)08:46
Davieyrbasak: Sounds like as part of the fifo creation hunk, touching the fifo might be the solution?08:47
Davieyah!08:47
Daviey:)08:47
jamespageDaviey: asterisk merge? hows that working for you?08:49
Davieyjamespage: Hmm08:55
nigelbHi, I have a very curious problem.08:56
nigelbWhen I run a bash script, the $PATH is empty inside that script.08:56
nigelbIts normal wen I echo $PATH in my shell.08:56
ersiIs there anyone familiar with freeRadius here? Im trying to locate why my radiusd is checking the system/local passwd file, even though I've commented out 'unix' and have 'file' uncommented in sites-available/default08:57
SpamapSjamespage: Cassandra puts out their own packages08:58
* SpamapS should sleep soon :p08:58
SpamapSjamespage: that is the primary reason I stopped maintaining the PPA.. nobody cared about my packages when upstream was always more up to date. :)08:58
DavieySpamapS: sleep is for the weak.09:00
uvirtbotNew bug: #857175 in lm-sensors (main) "i2c-i801 kernel module needlessly blacklisted" [Undecided,New] https://launchpad.net/bugs/85717509:01
nigelbDaviey++09:01
jamespageSpamapS, I thought that was the case09:01
jamespageI was reviewing negronjl's cassandra charm09:02
jamespagewhich ATM pulls a .deb from elsewhere09:02
jamespagewhich felt a bit odd - I'll ping him later09:02
SpamapSWe need to start thinking *very* hard about cryptographic guarantees on files that charms pull.09:03
jamespageyes09:03
DavieyWe discussed using archive, PPA and upstream source in charms - but i don't think external debs was considered09:03
jamespageI agree09:03
SpamapSAnd on configurability so that they are repeatable.09:03
jamespageI did a branch of the jenkins charm yesterday which defaults to the distro, but has configuration to use upstream stable or trunk archives as well09:04
SpamapSI'd actually move that we have an apt plugin for charms to make use of which also builds a repository of packages on the bootstrap node so that updates happen when you ask for them, not just when you add-unit and oops new package, yay.09:04
jamespageSpamapS, that would be nice09:05
SpamapSits needed for juju as well09:05
jamespagetrue09:05
SpamapSthis business ofpulling from ppa or distro or branch or wtf ... its not going to fly09:05
DavieySpamapS: Well it's plausible that upstream doesn't allow rebuilding of debs, ie, hacked packages... So something like debmarshal would be a good win for that.09:06
SpamapSShould be relatively easy actually. Just stick an apt-get and add-apt-repository in the path which use this plugin...09:06
SpamapSDaviey: yeah, the cassandra upstream debs are nearly impossible to rebuild09:07
SpamapSI *did* solve that.09:07
SpamapSbut then I started trying to get rid of the embedded jars09:07
DavieyThe key needs to be exposed aswell09:07
SpamapSand thats where I started wanting to throw cassandra off a moving high speed train09:07
Davieyheh09:07
rbasakOK now I'm hitting an apparmor problem: [Errno 6] No such device or address: '/home/ubuntu/nova/nova/instances/instance-0000000a/console.fifo'09:07
rbasakI've tried aa-complain on libvirtd09:07
SpamapSDaviey: right, we can think it through at implementation time. The idea is to be able to know that add-unit will actually add the same unit... not one with updates.09:08
rbasakThat didn't work but I didn't really expect it to - how is it that apparmor is being applied to nova? Is libvirt doing it?09:08
SpamapSAnyway09:08
twbrbasak: apparmor has per-VM profiles instantiated from a libvirt template09:08
Davieyrbasak: You can reproduce it with apparmour teardown?09:08
twbrbasak: maybe you need to set the specific VM profile to complain?09:08
SpamapSchatting about work has made me want to sleep09:08
Davieyapparmor*09:08
SpamapS\o/09:08
DavieySpamapS: hah, nn09:09
* rbasak doesn't know that much about apparmor09:09
SpamapSgoodnight, especially to my long lost english cousins ... :)09:09
rbasakCan I just disable the whole thing for testing?09:09
rbasaktwb: how do I do that?09:09
rbasakDaviey: I don't follow, what's apparmor teardown?09:10
Davieyrbasak: as in, you get the same error with apparmor not part of it.09:10
twbrbasak: nfi09:10
Davieyrbasak: sudo /etc/init.d/apparmor teardown09:10
twbteardown will basically turn off apparmor AIUI09:11
rbasakAh that is what I was after, didn't know how to achieve it09:11
rbasakNo, same error :-/09:11
rbasakBut doesn't libvirt dynamically create the profiles - will apparmor teardown work with that?09:12
DavieyIt *should* do.09:12
twbPerhaps a better question is how to ask apparmor what profiles are currently enforced09:12
twbAnyway what makes you think that's an apparmor problem?09:12
Davieyif you stop + start libvirt you know for usre.09:13
Daviey(restart doesn't have the same behaviour as stop/start btw)09:13
twbThey usually take the form of a dmesg/syslog audit() complaint09:13
twbEh, I rewrote my libvirtd job so that containers will not be hard-killed if the host OS is shut down09:13
Davieytwb: Interesting, care to share the diff?09:14
twbhttp://paste.debian.net/131730/09:14
rbasakI thought it was an apparmor problem as occasionally I saw apparmor complaints in the nova-compute trace09:15
twbTBH I don't understand how ubuntu/libvirt could even THINK of shipping a system that just hard-kills VMs09:15
twbDaviey: note that this means you can't reconfigure libvirtd without rebooting all VMs09:15
twbkirkland: ^^ FYI, paste might interest you09:16
rbasakOK it's not apparmor at all09:16
* rbasak looks sheepish09:16
koolhead17hi a09:19
koolhead17*all09:19
spajderixhi09:21
Davieytwb: nice!09:33
Davieytwb: you don't fancy raising a bug with that attached do you?09:34
twbICBF, sorry09:34
Daviey:(09:37
sorentwb: I don't see how that is functionally different from what we have in Oneiric now? Both first attempt a shutdown, wait for a while, then kill them hard if they're not yet stopped.09:45
twbsoren: I only look at LTS, maybe you already have it in non-LTS versions09:46
sorentwb: Ah.09:46
twbIf so, sorry for the noise09:46
sorentwb: Yeah, in Lucid it doesn't do anything at all, right?09:46
sorentwb: So they just die.09:46
sorenbug 35093609:47
uvirtbotLaunchpad bug 350936 in libvirt "Should shut down domains on system shutdown" [High,Fix committed] https://launchpad.net/bugs/35093609:47
twbRight, they just run until the old sysvinit shutdown code does a killall -909:47
sorentwb: Looks like it was pushed to Lucid as well.09:48
HellSpawn1добрый день10:15
HellSpawn1с ubuntu server на hyper-v работал кто-то ?10:15
Myrtti!ru | HellSpawn110:16
ubottuHellSpawn1: Пожалуйста наберите /join #ubuntu-ru для получения помощи на русском языке. | Pozhalujsta naberite /join #ubuntu-ru dlya polucheniya pomoshi na russkom yazyke.10:16
MyrttiHellSpawn1: alternatively you could try English10:16
HellSpawn1Hi! I'm try use ubuntu server 10.04 x86_64 with Hyper-V. Have a problem with a large HDD10:17
HellSpawn1after instalation, i'm use hv_ modules for emulated hardware. And in my system appear second storage. And i have 2 HDD: first - sda and size 137Gb and second hda - full size.10:20
HellSpawn1after mounting system via hda drive, i'm receiving errors about write buffer at disk sda10:23
Retrikanybody know how stop this error: segmentation fault, i use ubuntu server 64 bit 10.0410:24
rbasakDaviey: was it lp:~hudson-openstack/nova/milestone-proposed you pulled from last time?10:26
Davieyrbasak: yes10:31
twbsoren: in backports, or updates?10:32
twbsoren: I haven't seen any dpkg merge offer with the latter enabled...10:32
Davieyrbasak: BTW, nova trunk has now moved to git.. so once you have a patch, we'll try and get it lnded in trunk before cherrypicking it back to our packages10:32
rbasakOK10:32
HellSpawn1some one using Ubuntu Server on Hyper-V ?10:34
rbasakHellSpawn1: I think AlecTaylor was yesterday10:35
sorentwb: /me checks10:35
sorentwb: It's in proposed.10:36
sorentwb: Not sure why it hasn't move on from there.10:36
twbinertia10:37
sorentwb: I have a guess, but I'm verifying.10:38
twbDon't trouble yourself on my account10:39
sorenToo late.10:39
* twb recoils in horror10:39
Guest43860Q). i just did a tasksel install lamp-sever but am unsure why i cant get .htaccess files working ? any clues?11:12
Guest43860im working on the default site at the mo but will need other vhost to include there own .htaccess file as well as directory level access control based on ip.11:13
uvirtbotNew bug: #801299 in glance (universe) "[MIR]glance" [High,Fix released] https://launchpad.net/bugs/80129911:17
jamespage\o/11:21
DulcinHmm, for some reason my system fails to fetch packages with apt-get update11:27
DulcinI get a lot of 404 errors, I tried changing my sources list11:27
Dulcinbut the same problem, any idea waht it could be?11:28
rbasakOK now I really am getting an apparmor problem: (nova.exception): TRACE: libvirtError: internal error cannot load AppArmor profile 'libvirt-984032ec-630f-c8e1-36ce-8d7b6efd1266'12:02
rbasakI can't see a file with that name in /etc/apparmor.d/libvirt, but similar ones from successful previous instances refer to a console.log file12:02
rbasakwhich I've now changed to console.fifo and it's now a fifo rather than a plain file12:03
rbasakNext I'm going to have to pull nova out of the equation and try getting libvirt to start instances with fifos manually unless anyone has any ideas?12:04
rbasaksoren: ^^, re https://bugs.launchpad.net/nova/+bug/83250712:05
uvirtbotLaunchpad bug 832507 in nova "console.log grows indefinitely" [High,In progress]12:05
sorenOh.12:06
sorenjdstrand: One for you ^12:06
sorenjdstrand: The filename referencing a fifo in the libvirt xml is really a basename for the actual fifos.12:07
sorenjdstrand: So, if you specify a fifo named "foo", the actual fifos will be named "foo.in" and "foo.out".12:07
sorenjdstrand: I guess the apparmor magic will need to take that into account.12:07
sorenjdstrand: (the logic that defines that lives in kvm, not libvirt)12:07
sorenrbasak: jdstrand is your man when it comes to apparmour and libvirt.12:08
rbasaksoren: I've not actually told libvirt that it's a fifo12:08
sorenrbasak: ?!?12:09
sorenrbasak: So how is kvm supposed to know?12:09
rbasakwell, this is what I wondered when we started this conversation a couple of weeks ago!12:09
rbasakthat's why I said it sounded dodgy!12:09
ersiHm. I'm trying to bring up a VLAN Interface on my Ubuntu 11.04 with a Realtek RTL8111/8168B NIC and I'm getting "SIOCSIFADDR: No such device" when I try to bring up eth.100 - what gives? Here's my /etc/network/interfaces - http://dpaste.org/dx8MH/12:10
rbasakI suppose I could change it to do that, but I will have to sort out a writer for the other direction that's not used12:10
Davieyerm, why does kvm care it's a fifo?12:11
Davieysoren / rbasak ^12:11
rbasakimho, fifo semantics are different (eg. blocking, EPIPE, SIGPIPE) so it stops random breakage like the libvirtd hanging problem we had earlier12:12
patdk-wkersi, did you install the vlan package?12:13
ersipatdk-wk: No. Lol.12:13
sorenDaviey: So that it can do the right thing. I suppose it's possible that it'll work without telling it that it's a fifo (the special care you need to take with fifo's doesn't hurt if applied to other files), but I think it's probably safer to let kvm know what's going on.12:13
ersipatdk-wk: Doing that now, I'll also sit in the shame corner for a min :]12:13
patdk-wkdon't worry, I use vlans all the time, and last install had the same issue12:14
sorenrbasak: Just ignore the .in fifo.12:14
patdk-wktook a few min to figure that out myself :)12:14
ersipatdk-wk: Dunno why I assumed I had all the prerequisites :D12:14
ersiMight be cause I had fiddled with networking on that machine earlier, setting up bridging and shiz12:14
ersiUhh, weird. Why is it still routing traffic for 10.100.0.0/16 through my default gateway on another device :E12:15
Davieysoren: it worked fine with my mknod from my legacy branch, i can't see why kvm would care what is under it.12:15
sorenDaviey: Shall I repeat myself or can you read it again on your own? :)12:16
Davieysoren: either way.12:16
sorenDaviey: Ok. Are you aware of the special care one needs to take to work with fifo's?12:17
rbasaksoren: so http://libvirt.org/formatdomain.html#elementsCharPipe ?12:17
sorenDaviey: Specifically fifo's where "the other end" might go missing and you don't want to let that take you down with it?12:17
Davieysoren: you'll notice i didn't ask a question, but made a statement agreeing with your supposition.12:17
Davieysoren: I always put on eye protection.12:17
jdstrandrbasak, soren: re .in and .out> this relates to 832507? if so, could someone connect the dots with xml to reproduce and I'll write a fix12:17
sorenrbasak: Yes.12:18
Davieysoren: Do i need to provide logs of this same conversation from 2 weeks ago?12:18
sorenDaviey: Sorry, I don't see your agreeing with me. I do see you, once more, question its necessity? What am I missing?12:18
koolhead17hey soren12:19
sorenkoolhead17: o/12:19
Davieysoren: I didn't ask a question.12:19
rbasaksoren: just to make sure I understand, if I use type="pipe", I still need to append .in and .out? And by ignore are you saying that I need to open for write (so it won't block the open for read at the qemu end), or just do nothing?12:19
sorenDaviey: It's not my fault you failed to punctuate correctly.12:20
koolhead17soren: got keystone working finally. :D12:20
sorenDaviey: "i can't see why kvm would care what is under it" is a question in my book regardless of the lack of question mark at the end.12:20
rbasakjdstrand: yes, it's for 832507, but atm I'm not telling libvirt that it's a fifo, and that's what's not working. I'll try the type="pipe" as soren says and see if that works.12:22
jdstrandit'll be interesting to see if it does12:22
jdstrand(from an apparmor driver perspective)12:22
sorenDaviey: Anyways.. You say you can't see why it would care. It would care, because you need to do someting special in order to properly handle it when the other end of a pipe dies (or closes the fd).12:23
jdstrandI was not aware of the .in and .out parts. incidentally, if you are seeing apparmor denials, they will be in kern.log (of audit.log if using auditd)12:23
sorenDaviey: We can hope that kvm applies this same care to every fd, regardless of whether it *knows* that this special care is needed..12:23
sorenDaviey: Or we can tell it that it needs to do it and be sure.12:24
sorenDaviey: Seems like an easy decision in my book. I don't understand why you're so opposed to telling it that it's talking to a pipe? (question mark)12:24
rbasakjdstrand: right now I'm just seeing libvirtError: internal error cannot load AppArmor profile 'libvirt-984032ec-630f-c8e1-36ce-8d7b6efd1266' which doesn't make sense to me12:24
rbasaksoren: this is exactly what I thought I was raising a week ago, and I went away from the conversation thinking that you didn't think it was an issue12:25
Davieysoren: ISTR it was me that raised reservations with the fifo concerns? :)12:25
jdstrandthat can happen if things die prematrely. the logging in the security drivers leaves something to be desired12:25
ersipatdk-wk: Would you mind looking at this route table ( http://dpaste.org/UerNe/ ) and helping me understand why I can't reach 10.100.0.0/16 over eth0? Do I need a default gateway?12:26
rbasakjdstrand: aiui, all I'm doing different that is triggering that is that I've renamed console.log -> console.fifo (so the xml has changed accordingly) and that the file is now a fifo instead of a plain file12:26
sorenrbasak: What I remember was you wanting to take care of the fifo specificities outside of kvm, because you didn't seem to trust it.12:26
ersipatdk-wk: I get routed via my default gateway over eth1 for some reason >_>12:26
sorenDaviey: So why are you going the opposite way now?12:26
sorenIs this candid camera?12:26
jdstrandrbasak: reading backscroll-- you are doing this currently with apparmor disabled, for testing purposes?12:26
rbasakjdstrand: no I rebuilt the instance since then. do you want me to try that?12:27
Davieysoren: Expect a cream pie in the face, shortly.12:27
jdstrandrbasak: no, not particularly. I just wanted to verify that if you tried to disable the driver, you did it correctly12:27
sorenersi: Which IP are you trying to reach?12:28
rbasaksoren: I didn't trust it because I thought you were telling me to not tell it about the fifo, and I was worried that this would break something!12:28
sorenersi: ...because you're not routing 10.100.0.0/16 over eth0.12:28
sorenersi: only 10.100.0.0/18 (if my binary arithmetic is right)12:29
ersisoren: Uhm, I'm trying to reach 10.100.66.12, which is my VLAN network, which should get sent on eth012:29
rbasakjdstrand: I don't understand why it would fall over at this point, but I might as well make the change to type="pipe" and worry about it if it persists then. I might have to get back to you :)12:29
ersiyeah, I meant /18.. Crazy ass Set top boxes want them netmasks12:29
patdk-wkthat is like a /26 netmask, not /16 or /1812:30
sorenersi: ersi 10.100.66.12 is in 10.100.64.0/1812:30
patdk-wkoh, I can't read :)12:30
patdk-wkjust got out of bed12:30
sorenersi: Not 10.100.0.0/1812:30
ersiMmmh, d'uh. How silly of me12:31
ersiWonder if I made it more silly now... :D Dosh darn this crazy network. > http://dpaste.org/X6PKE/12:33
someuseri'm trying to install glpi, but the install procedure says: can't create or write to <various names> folder. this is weird, since i'm the owner of these folders. any suggestions?12:33
sorenrbasak, Daviey: I think it's fair to say that someone misunderstood someone. Now, can we please just fix this?12:33
rbasaksoren: np12:33
rbasaksoren: just to make sure I'm clear now though12:34
rbasak<rbasak> soren: just to make sure I understand, if I use type="pipe", I still need to append .in and .out? And by ignore are you saying that I need to open for write (so it won't block the open for read at the qemu end), or just do nothing?12:34
ersisoren or patdk-wk: mind having another look? http://dpaste.org/X6PKE/12:34
sorenrbasak: Just ignore it. Forget it exists. <jedi mind trick>there's no .in pipe</jedi mind trick>12:36
rbasaksoren: so I shouldn't even create the .in fifo?12:37
rbasakah: "QEMU will not create these fifos, and requires them to be present."12:38
rbasakBut if I create it and don't write to it, qemu will block on opening it for read12:38
rbasakBut if I create and and don't _open_ it for writing, qemu will block on opening it for read12:39
sorenWhat makes you say that?12:39
rbasakwhich part? manpage says that they must be present. fifo semantics are that opens block when opening for read if no writers, unless O_NONBLOCK is specified12:40
sorenThis part: 12:39 < rbasak> But if I create and and don't _open_ it for writing, qemu will block on opening it for read12:40
sorenWe established this weeks ago.12:40
sorenQEmu *knows* this is a pipe, becuase we tell it's a pipe.12:40
sorenSo it doesn't do stupid things like hang when we don't write to it or die when we stop listening.12:40
rbasakOK, now I'm clear on what you're saying - thanks12:41
sorenAs I said back then: 10:35 < soren> Daviey: If everyone knows they're taling to a fifo, the semantics are well understood and pretty easy to deal with.12:41
sorenComplete with typos and everything.12:41
rbasakYeah a big "If" there. As I thought you were proposing that we *didn't* tell qemu that it was talking to a fifo, the sense in that sentence is completely reversed12:43
* Daviey screams12:43
sorenAh.12:44
sorenNo, qemu lets you specify the type of file its chardevs are connected to. There are a bunch of them.12:45
sorenThere are plain files, pipe, serial, parallel, stdio, braille, udp, tcp, socket, tty.12:45
sorenAnd more.12:45
sorenEach with their own idiosyncracies.12:46
twbYou're supposed to call them "features" until the users are at the gates with pitchforks and torches12:46
Davieytwb: Shouldn't you be asleep?12:47
zulmorning12:47
sorenIt's amazing anyone lets me talk to other devs, let alone users.12:47
twbDaviey: 10PM12:47
twbEr, 1112:47
Davieyah, ok.12:48
zulsoren:  i agree :)12:48
twbI'm trying to replace crappy ol' Ubuntu armel with nice shiny Debian armhf, on my new netbook12:48
Davieysoren: It's amazing you are still breathing.12:48
Davieytwb: happy days12:48
twbI fucked up the bootloader so now I'm recompiling u-boot, and since the host is hosed, I'm doing so in a qemu-user-static chroot, from my old Atom netbook12:49
spajderixI have apache2 with mod_php enabled, hosting around 40 vhosts. I noticed something which I can't explain. I have entry in access.log with ip sending POST request to a page, and in this exact second, a file with random_numbers.php name get's created. There is no form or POST data processing what so ever on a given page. I have no idea how this happens, and more importantly how to prevent this12:50
spajderixfrom happening. Could you help me with figureing this out?12:50
sorenDaviey: I may very well not be.12:50
twbDaviey: if I'm lucky qemu won't cause gcc-4.6 gnueabihf to have an internal error, like it does when compiling yacc output12:51
sorenspajderix: Someone's found a bug in the page they're posting to that lets them hack you. Probably.12:52
twb\begin{bigot}The bug is: he enabled PHP.\end{bigot}12:52
zulphp is still evil12:52
rbasaklibvir: QEMU error : internal error Process exited while reading console log out12:53
rbasakput: chardev: opening backend "pipe" failed12:53
rbasakAm I missing something obvious?12:53
rbasakMy xml is http://paste.ubuntu.com/695611/12:53
spajderixsoren: That was my first thought, but i've checked the code. There is only a few lines of code getting items from db, and checking for pagination stuff. That's all. Is there a way to get POST data logged for requests in apache?12:54
rbasakIncidentally if I write to console.fifo.out then it goes into the ringbuffer OK :)12:54
sorenrbasak: 2 pipes will be created called path.in and path.out. Data written to path.in will be received by the guest. Data written by the guest can be read from12:54
soren           path.out. QEMU will not create these fifos, and requires them to be present.12:54
sorenrbasak: Maybe they both need to exist. Do they?12:55
rbasaksoren: yes I've created them both12:55
rbasakprw-r----- 1 root root        0 2011-09-23 12:50 console.fifo.in12:55
rbasakprw-r----- 1 root root        0 2011-09-23 12:52 console.fifo.out12:55
twbrbasak: what's the kvm invocation look like?  (it's logged into /var/log/libvirtd-bin somwhere)12:55
sorenrbasak: Oh.12:55
sorenrbasak: Then need to not be owned by root.12:55
sorenrbasak: ..but libvirt should be handling that :(12:55
rbasaksoren: I'm running everything as root at the moment12:55
sorenrbasak: Are you absolutely sure?12:56
sorenrbasak: How did you do that?12:56
twbYou can probably cheat in the short term by making those fifos 66612:56
sorentwb: I don't love you anymore.12:56
twb*in the short term*12:56
sorenmmmm12:56
twbI'm assuming this host is not connected to another12:56
rbasakI can try that12:56
sorenI kind of doubt that you're actually running kvm as root.12:57
twb*I* do, because I'm a bastard :-)12:57
rbasaktwb: qemu invocation: http://paste.ubuntu.com/695616/12:57
* koolhead17 bows to Daviey 12:57
koolhead17hey zul12:57
twbgoddamn ubuntu12:57
twbI don't want to log into openid just to get "download as text"12:57
sorentwb: Yeah, that's pretty obnoxious.12:58
twbIt probably won't work anyway in w3m12:58
sorenrbasak: Well, unless you've changed it, kvm runs as some other user.12:58
sorenlibvirt-qemu or something.12:58
rbasaksoren: OK, I'll try 66612:58
twbXSLT to the rescue12:58
ersisoren, patdk-wk: nevermind. I was using a IP-address that was in the wrong subnet/netmask. That's why "nothing" worked :)12:59
twbrbasak: why --no-kvm there?12:59
rbasaktwb: no idea. I'm just using nova.sh12:59
twbrbasak: do you have hardware VT?13:00
rbasaktwb: I don't know, but it does work without my patch13:00
twb23:00 <dpkg> To confirm if your processor supports x86 virtualization extensions. run: egrep -q -e '^flags.*vmx' -e '^flags.*svm' /proc/cpuinfo && echo 'virtualization extensions available'.  Note that Intel VT (IVT) support may be switched off in firmware for some implementations.  See also <virtualization>.13:00
rbasakevidently I don't13:01
rbasak(it is virtualised once already)13:01
twbOh13:01
twbI was about to say "who cares about the actual problem, first go buy some appropriate hardware"13:02
rbasakOK same error: libvir: QEMU error : internal error Process exited while reading console log out13:02
rbasakput: chardev: opening backend "pipe" failed13:02
rbasakFIFO is now 66613:02
rbasakIs there a component of qemu I'm missing or something?13:02
twbrbasak: can you just run kvm by hand, and if so does it get at least as far as that error?13:03
rbasakI tried running the same command line but it didn't work - I think because lots of setup like maybe pts etc that nova provides is missing13:04
twbyeah i had that problem with libvirt too13:04
rbasakI will need to cut the line down carefully to a version that will work to test just the fifo behaviour13:04
twbWell, you can test taht bit just using the fifo part plus a d-i kernel and initrd13:05
rbasakOK13:05
rbasakI just checked the docs carefully13:05
rbasakThe manpage contradicts itself13:05
rbasak"On other hosts, 2 pipes will be created called path.in...QEMU will not create these fifos..."13:06
sorenCheck dmesg13:07
sorenSee if apparmour blocks it.13:07
rbasakAha, yes it is13:07
rbasakThanks soren, that just saved me the next half hour13:07
twbGood catch13:08
rbasakOK so this is where jdstrand comes in I think? The generated profiles have console.fifo only, not console.fifo.in and console.fifo.out13:08
rbasakjdstrand: example xml is here: http://paste.ubuntu.com/695611/13:10
jdstrandrbasak: and do you have apparmor denials?13:10
rbasakjdstrand: example generated profile: http://paste.ubuntu.com/695621/13:11
rbasakjdstrand: dmesg: http://paste.ubuntu.com/695622/13:11
rbasakjdstrand: they may not match exactly, if you need them to let me know and I'll do another test run13:11
jdstrandrbasak: can you attach all that to the bug?13:11
rbasakjdstrand: will do13:12
uvirtbotNew bug: #857021 in glance (main) "glance (2011.3-0ubuntu1) fails to install, error in .postinst" [High,Fix released] https://launchpad.net/bugs/85702113:12
rbasakjdstrand: I'll tidy up and make everything consistent and attach my patch to the bug as well then. It's a good point to have a checkpoint anyway13:12
=== kentb-out is now known as kentb
=== med_out is now known as medberry
uvirtbotNew bug: #857366 in cloud-init "support configuring landscape-client in cloud-config format" [Medium,Triaged] https://launchpad.net/bugs/85736613:21
uvirtbotNew bug: #857378 in cloud-init "make a DataSource supporting simple local media (configdrive, simple iso)" [Medium,Triaged] https://launchpad.net/bugs/85737813:21
uvirtbotNew bug: #857380 in cloud-init (main) "stack trace if 'local-hostname' is not in meta-data" [High,In progress] https://launchpad.net/bugs/85738013:26
* Daviey wonders if smoser will ever cut a new upstream version of cloud-init13:32
hallynDaviey: he's on a 'linux 3.0' schedule14:04
twbkool-aid boy, huh14:05
zulif i create a nova group it shouldnt do anything bad should it?14:12
laoshey there guys - i was wondering if any of you would know if apache2 would start acting weird and ddns also after an internal ip change from 192.168.1.7 to 192.168.1.1014:24
raubvogelAnyone using k5start?14:24
laosi had a similar issue in the past and it went away after the router gave the original ip back to the server, but now my router is refusing to release the lease on the device that took the server's old IP14:24
lynxmanmorning everyone o/14:47
Davieyhey lynxman14:50
Davieyzul: Are you working on s/socat/netcat ?14:50
lynxmanDaviey: hello sir14:50
zulDaviey: yeah14:50
Davieyzul: right now?14:50
zulDaviey: 10 minutes ago i moved on to the iscsi stuff14:51
zulwhy?14:51
Davieyzul: Just prepairing for the release meeting, wondered ETA14:53
zulDaviey: this afternoon14:54
Davieycool!14:54
zulill do the dh_python2 stuff while we are at it14:56
smosernew upstream version of cloud-init coming, dont worry daviey.15:03
smoseri was kind of hoping to have it not *terribly* broken for gholms' fedora work.15:04
bcessahi, I've a problem, how can I adjust the SMPT port from 25 to something else to use it with postfix?15:10
rbasakAm I supposed to be able to submit multiple attachments in a bug comment? Or is a tar acceptable?15:14
rbasakjdstrand: I've updated bug 832507. Can I leave the apparmor fix to you please?15:19
uvirtbotLaunchpad bug 832507 in nova "console.log grows indefinitely" [High,In progress] https://launchpad.net/bugs/83250715:19
jdstrandrbasak: yes, thanks15:19
bcessagot it15:20
robbiewDaviey: adam_g:  so it just occurred to me when we rollout official HowTo documentation for Orchestra, we should include any ARM specific gotchas (in terms of pandaboards)15:33
robbiewrbasak: zul: ^15:33
zulrobbiew: just the cobbler bits afaik15:34
robbiewzul: that's what I thought15:34
DavieyTalking of which, i'm not sure the PXE fix has landed in uboot.15:34
rbasakI have followed http://pad.ubuntu.com/arm-server-netboot through for cobbler (directly, no Orchestra) and it worked without any issues15:35
rbasakAlthough I did some of the parts by hand so didn't test the scripts15:35
Davieyrocking.15:35
Davieyrobbiew: Next week probably involves doc consolidation.. pushing together all the snippets into the main docs.15:36
=== MagicFab is now known as Guest99328
MiaFarrowsHello there15:40
MiaFarrowsI've just installed 11.04 and I don't know how to change the keyboard layout so it uses the Spanish(Spain) keyboard layout15:41
RoAkSoAxrobbiew: I should have the orchestra/juju docs finished by the end of the day today then adam_g_ could add the openstack stuff15:41
MiaFarrowsI've tried dpkg-reconfigure console-setup, but just lets me select the encoding, charset and font settings15:41
RoAkSoAxrobbiew: i should aslo include ARM if desired15:42
robbiewDaviey: RoAkSoAx: ack15:42
Davieyzul: Is "List of missing bits pieces of libvirt for lxc (libvirt 0.9.1-1 merge is pending)" still required?15:43
zulnah i think we are good15:43
Davieycool15:44
DavieyRoAkSoAx: Did you have a chance to "Validate desktop deployment through cobbler" ? (alt cd?)15:44
MiaFarrowsAnyone can help me please?15:45
RoAkSoAxDaviey: I did once long ago, I;ll do it again today15:46
DavieyRoAkSoAx: awesome15:46
MiaFarrowsAs I've already said, how can I change the keyboard layout from Ubuntu Server 11.04's console?15:46
DavieyRoAkSoAx: If it works, can you update the blueprint?15:46
RoAkSoAxDaviey: sure15:46
MiaFarrowsAAAAAAAAAAGGGGGGHHH Fuck you all! and Thanks for nothing idiots!15:47
robbiewMiaFarrows: are you using ubuntu server?15:47
robbiewor desktop?15:48
MiaFarrowsServer, as I said like 3 times15:48
oCeanMiaFarrows: better drop that attitude15:48
MiaFarrowsim so fuckin desperate+15:48
robbiewMiaFarrows: calm down15:48
oCeanMiaFarrows: control your language here, please15:48
MiaFarrowsalright sorry, I've been in front of the console for 2 hours15:48
robbiewMiaFarrows: understand the frustration...give me a sec15:49
MiaFarrowsI'm kind of irritated right now.15:49
MiaFarrowsSorry for the attitude, once again.15:49
koolhead17MiaFarrows: your not alone hitting your head against it15:49
robbiewkoolhead17: is this a known bug?15:50
* robbiew asks before diving into it15:50
koolhead17robbiew: no. i dont think so15:50
robbiewok, thx15:51
zulDaviey: can you have a quick look at lp:~zulcss/nova/ubuntu-changes15:51
=== CluelessPerson is now known as Clueless_AWAY
koolhead17MiaFarrows: so when you installed the server did it not asked you for keyboard layout?15:52
MiaFarrowsnope15:53
=== Clueless_AWAY is now known as CluelessPerson
MiaFarrowsafter installing the server I got the loving prompt15:53
Davieyzul: you know nova has moved to git now?15:53
koolhead17MiaFarrows: care to explain once more please15:53
MiaFarrowsdamn autocorrection lol, logging*15:53
zulDaviey: yeah i know15:53
zulthis is packaging changes for ubuntu15:53
Davieyoh15:54
Davieyzul: stacked against nova?15:54
zulyes the diablo packaging branch15:54
robbiewMiaFarrows: sudo dpkg-reconfigure console-setup15:54
just-a-visitor(I'd suggest to check /etc/default/keyboard and set XKBLAYOUT="your_2_letters_language_code")15:55
koolhead17echo "setxkbmap us" >> ~/.bashrc15:56
koolhead17:)15:56
zulDaviey: like we talked about15:56
Davieyzul: rev 197 to head?15:56
MiaFarrowsI downloaded the 11.04 64 bits .iso from ubuntu.com, installed it on vmware and as soon as it finished installing the server, vmware-tools were installed, and after that a login prompt appeared on the server's console, I can log in, but the keyboard layout is set to english I guess, so I did dpkg-reconfigure console-setup but there is no option to change the keyboard language, just let's you change the encoding that the15:56
MiaFarrowsconsole uses, the font size/face and the charset.15:56
zulDaviey: the latest and greatest15:57
MiaFarrowsSo whenever I want to type '-' I get '/' instead15:57
MiaFarrowsthe ñ is a ; and so on15:57
DavieyMiaFarrows: vmware does some magic to make the install less (more) painful.15:57
* koolhead17 have never used VMware15:58
MiaFarrowsDavley, I've installed it manually, no easy install15:58
Monotokohey guys...I'm trying to create a global LAN...in that I want people to be able to connect to my server (authenticated, there will be about 100 users) and then go where they need to. I want to add another TLD inside the network, for example www.main.dev takes a user to the main page...could OpenVPN do this?15:58
DavieyMiaFarrows: you probably want to change, /etc/default/locale15:58
hallynDaviey: should bug 842845 be assigned to someone (zul :)?  If not, I might feel like I have to go spend time on it16:02
uvirtbotLaunchpad bug 842845 in libvirt "problems starting multiple lxc instances concurrently" [High,Confirmed] https://launchpad.net/bugs/84284516:02
zuli wasnt able to reproduce it actually16:02
Davieyhallyn: sounds wonderful, zul you are pretty loaded at the moment! :)16:02
zulbut there is some funkyness when you are shutting down the instances16:03
Davieyzul: Have you tested the deprecated auth stuff?16:03
zulDaviey: no...i was waiting to get the package out of the pending state :)16:03
Davieyzul: it has been for a few hours.16:04
zuleh? even with iscsitarget and socat?16:04
Davieyzul: those are not build deps.. :)16:04
zulDaviey: gah...interesting well it wont be using them in ubuntu216:06
Davieyzul: Hmm d/changelog has duplication?16:07
koolhead17zul: hope your not doing anything to the keystone.16:07
zulDaviey: hold on lemme check16:07
hallynDaviey: zul: I should take the bug?16:07
zulhallyn: please16:07
Davieyhallyn: +116:07
hallynkewl, thx16:08
Davieyzul: the netcat replacement - is it tested?16:08
hallynI've got some kernel patches to fix up first though.  Kick me if you want me to get to it today.16:08
zulno i dont think anyone tested socat either16:08
zulDaviey: pushed16:09
Davieyzul: regarding the patch, is it worth linking to the gerrit review page?16:09
Davieyfor Forwarded:16:09
zulDaviey: good idea16:09
Davieyzul: Yeah, i think you are right.. if we can just get socat off the list, it helps.. we should make a point of testing it this week16:10
zulagreeed16:10
Davieyzul: Do you want to add one more patch?  Seems silly for me to do it seperately16:11
zulDaviey: sure16:11
Davieyzul: https://code.launchpad.net/~nttdata/nova/850602/+merge/7548016:12
Davieythe test didn't cleanly apply.. it might do now with a new snapshot16:12
zulDaviey: ok ill pick it up after I eat16:14
zulbut other than that you are ok with it?16:14
Davieyzul: i think so16:16
Davieyzul: changelog exceeds 80 chars width16:17
Davieyzul: In retospect, as it seems to build on Lucid - perhaps we should keep that change?16:18
zulthe dh_python2 change?16:21
Davieyyeah16:21
zulnah16:22
Davieyadam_g_: are you alive?16:37
* SpamapS just had MAJOR de ja vu16:38
lynxmanDaviey: he was pretty tired yesterday after the talk16:39
=== lullabud is now known as warzauwynn
DavieySpamapS: you've only been gone 3 mins!16:39
Davieyyou didn't sleep16:39
Davieylynxman: thanks16:39
SpamapSDaviey: son of a!16:40
SpamapSjdstrand: some time last week you pinged me about PHP 5.3.8 .. http://news.php.net/php.internals/55598 ... I raised the issue that we had been dragging our feet on shipping it and it seems Rasmus agrees that they need to revert the change, so 5.3.9 should be good.. but too late for 11.10. :-/16:41
SpamapSOr that might have been 2 weeks ago16:41
SpamapStime is a blur :p16:41
jdstrandSpamapS: thanks16:43
jdstrandsbeattie: ^ for your updates16:43
jdstrandSpamapS: it may have even been 3 :P16:43
koolhead17soren:16:43
jdstrandSpamapS: thanks for following up though16:43
adam_gDaviey: here16:53
lynxmanhey koolhead17 o/16:53
robbiewadam_g: how'd the juju talk go?16:54
robbiewyou survive?16:54
adam_grobbiew: eh16:54
koolhead17hey lynxman16:54
adam_gAdri2000: :)16:55
adam_ger16:55
koolhead17am much relaxed today16:55
Davieyadam_g: Cool!  I got live migration working..16:55
Davieythe charm could do with some changes to enable it by default?16:55
adam_gDaviey: yeah, it would be easy. what was needed?16:55
Davieyadam_g: generating and sharing a psk.. and a /etc/default/libvirt* change16:56
DavieyI'm currently using it with noauth, rather than a psk16:56
adam_gDaviey: /etc/default/libvirt* changes on the compute nodes i assume, but psk shared between who?16:57
Davieyadam_g: the compute nodes need to talk directly with eachother.. so the psk between them16:59
Daviey/etc/default/libvirt to add -l (listen mode)16:59
adam_gDaviey: ah yeah, should be doable in the charm. what about migration flags in nova.conf? did you figure out exactly which ones were required?17:07
zulDaviey: just doing a test build17:10
Davieyadam_g: Yeah... don't touch the flags :)17:15
Davieyred herring :P17:15
Davieyleave it as default17:15
SpamapSis the nova in the archive the final diablo release?17:16
zulyes17:16
SpamapSzul: <borat>HIGHFIVE</borat>17:16
zulhehe17:16
adam_gDaviey: dont touch as in dont set them at all?17:17
Davieyadam_g: yeah, vanilla settings17:21
Davieysmoser: hmm, why do you hate dep3 so much?17:21
smoseri didn't realize i did17:21
smoseroh. in cloud-init ?17:21
smoseri think its cleaner and more obvious when you're just cherry picking17:22
smoserthey're straight forward17:22
Davieysmoser: It does feel pretty damn ugly to include a LICENCE as a pach to 'upstream'17:22
Davieyyeah17:22
smoseri use some text in debian/README.source to easily cherry-pick17:23
smoserand turning that into a DEP-3 formated diff would be a PITA and useless.17:23
Davieysmoser: why not just cut a new release?17:23
smoserbecause i got close enough to what i had hoped was going to be in oneiric that i just said "i'll cut a release with what is in oneiric"17:23
smoser:)17:23
Davieysmoser: Considering you are upstream, and you are including all patches to upstream (right?), this aproach seems to be doing it wrong :)17:24
smosercutting binaries every 3rd day is wrong17:25
smoseruploading binary snapshots to ubuntu as new releases is wrong17:25
smoserboth of those make it harder to see what is changing than this.17:26
Davieysmoser: well i disagree, but i won't block on it.17:26
smoserreally?17:27
smoserhow would you review the changes in a new snapshot?17:27
smoserhere there is a single new patch17:27
smoserand launchpad is less filled with meaningless binary original source tarballs17:28
Davieysmoser: Launchpad generates diffs17:29
Davieyas in debdiff's17:30
Davieyhttp://launchpadlibrarian.net/80735555/cloud-init_0.6.1-0ubuntu19_0.6.1-0ubuntu20.diff.gz is what i reviewed.17:30
smoserok, so in this rare case that you're reviewing something post upload17:30
Davieysmoser: if it was a bzr merge proposal it would STILL be easier to review if it wasn't flat patches.17:31
smosercompletely disagree17:32
smoserif it was a bzr merge proposal, and i was making changes to the files (as opposed to patching them) and using quitl 3.0, you'd get double diffs17:32
Davieysmoser: how?17:32
Davieysmoser: exactly.. by using flat patches i'd get double diffs.17:33
Davieyif you cut a new release, i'd get single diffs17:33
smoseryou dont have doulbe diffs now. you have a diff that adds a patch17:33
smoserif i were using quilt 3.0, you'd get a diff that added a patch, and diffs to the files17:33
smoserand you'd have to use 'filterdiff' or some other sillyness to tell bzr to do what it should do17:33
smoseranyway17:34
Davieysmoser: no.. i think you are failing to listen to what i am saying :)17:34
Davieyif you didn't patch, but cut a new release - what job does quilt have?17:34
smoserwhy would i cut a new release?17:37
smoserfor 3 lines of changes?17:37
smoserwhat upstream woudl do that?17:37
zulalrighty...nova ubuntu2 coming your way17:37
robbiewRoAkSoAx: hey, so awhile back I created https://wiki.ubuntu.com/ServerTeam/Orchestra17:41
robbiewcould you take ownership of that?17:41
RoAkSoAxrobbiew: sure17:42
RoAkSoAxrobbiew: I will jupdate it accordingly17:42
robbiewthanks!17:42
koolhead17hey robbiew RoAkSoAx17:44
robbiewkoolhead17: what's up?17:44
koolhead17robbiew: notthing much. much relaxed today !! :D17:45
koolhead17RoAkSoAx: and am still stuck at same bloody custom partitioning in cobbler :(17:46
RoAkSoAxkoolhead17: hehe how so17:47
koolhead17RoAkSoAx: http://www.tylerlesmann.com/2008/jul/06/fun-preseed/  This is what some wise man suggested me to go through, but was too occupied with dear keystone. :D17:48
koolhead17zul: just request. don`t spend time on this https://bugs.launchpad.net/keystone/+bug/855467 i think it has much to do with path.17:52
uvirtbotLaunchpad bug 855467 in keystone "Keystone fails to locate any configuration file." [Undecided,New]17:52
koolhead17i have keystone working now from github i will see if i can check this issue myself17:54
* koolhead17 rushes home17:55
=== Jasonn is now known as Jasonn|NotHere
=== Jasonn|NotHere is now known as Jasonn
adam_gDaviey: details about the psk stuff around anywhere?18:18
Davieyadam_g: libvirt wiki18:22
Davieyone mo18:22
Davieyadam_g: http://libvirt.org/remote.html#Remote_certificates18:23
adam_gDaviey: thanks18:24
=== _ruben_ is now known as _ruben
Jasonnhi, I have a problem when uploading files via FTP. IT seems to give me: 550 Permission Denied. When I try to upload to my home dir.,18:38
SpamapSJasonn: your ftp service probably doesn't run with enough privileges to write to your home directory19:02
sorenkoolhead17: hm?19:43
koolhead17soren: was trying dashboard with keystone, was stuck somewhere then got https://github.com/cloudbuilders/devstack/blob/master/files/keystone_data.sh19:44
koolhead17so pinged you that time. am home so will try it 2morrow19:45
koolhead17:)19:45
sorenalright.19:47
uvirtbotNew bug: #857746 in qemu-kvm (main) "Drop capabilities bit in emulated e1000" [Undecided,New] https://launchpad.net/bugs/85774620:52
uvirtbotNew bug: #857759 in libaio (main) "package libaio-dev (not installed) failed to install/upgrade: trying to overwrite '/usr/include/libaio.h', which is also in package libaio 0.3.104-1" [Undecided,New] https://launchpad.net/bugs/85775921:12
uvirtbotNew bug: #857765 in samba (main) "package winbind 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: subprocess installed pre-removal script returned error exit status 128" [Undecided,New] https://launchpad.net/bugs/85776521:16
uvirtbotNew bug: #852848 in php5 (main) "MOPS-2010-006: PHP addcslashes() Interruption Information Leak Vulnerability" [Undecided,Fix released] https://launchpad.net/bugs/85284822:22
uvirtbotNew bug: #852868 in php5 (main) "php5 var_export() information leak" [Undecided,Confirmed] https://launchpad.net/bugs/85286822:22
uvirtbotNew bug: #852871 in php5 (main) "PHP ZEND_SL Opcode Interruption Address Information Leak Vulnerability" [Undecided,Confirmed] https://launchpad.net/bugs/85287122:22
uvirtbotNew bug: #852885 in php5 (main) "PHP rfc1867_post_handler File Path Injection Vulnerability" [Undecided,Confirmed] https://launchpad.net/bugs/85288522:22
uvirtbotNew bug: #852847 in php5 (main) "MOPS-2010-008: PHP chunk_split() Interruption Information Leak Vulnerability" [Undecided,Fix released] https://launchpad.net/bugs/85284722:24
uvirtbotNew bug: #852910 in php5 (main) "PHP Magic Quotes Fails to Protect mysqli_fetch_assoc" [Undecided,Confirmed] https://launchpad.net/bugs/85291022:26
uvirtbotNew bug: #852913 in php5 (main) "PHP trim()/ltrim()/rtrim() Interruption Information Leak Vulnerability" [Undecided,Fix released] https://launchpad.net/bugs/85291322:26
uvirtbotNew bug: #852916 in php5 (main) "http://php-security.org/2010/05/31/mops-2010-054-php-zend_concatzend_assign_concat-opcode-interruption-information-leak-and-memory-corruption-vulnerability/index.html" [Undecided,Fix released] https://launchpad.net/bugs/85291622:26
uvirtbotNew bug: #852865 in php5 (main) "strrchr() functions information leak" [Undecided,Confirmed] https://launchpad.net/bugs/85286522:27
uvirtbotNew bug: #852907 in php5 (main) "PHP Iconv Improper Handling of Unrecognized Encodings" [Undecided,Fix released] https://launchpad.net/bugs/85290722:27
Dulcinis setting the /var/www mode to 755 secure enough?22:28
uvirtbotNew bug: #852853 in php5 (main) "CVE-2010-2101" [Undecided,Fix released] https://launchpad.net/bugs/85285322:28
stiv2kok wtffffff22:35
stiv2ki dont understand why this keeps happening22:35
stiv2kevery morning at ~5:45am, my server gets a dhcp address from my router... even though it's configured static in /etc/network/interfaces and also configured static by wicd22:36
stiv2kand i have to unplug/replug the network cable to make it get a static address again22:36
stiv2ksuggestions?22:36
lynxmansmoser: ping22:47
adam_glynxman: lol22:48
lynxmanadam_g: hm? :)22:48
adam_glynxman: cloud-init?22:49
lynxmanadam_g: lol, yes22:49
lynxmanadam_g: where are you22:49
qman__stiv2k, make sure it's configured in /etc/network/interfaces, then sudo ifdown, find and kill any DHCP processess still running, then sudo ifup22:49
adam_glynxman: back row.22:49
qman__also, if you have networkmanager, remove it22:49
lynxmanadam_g: I'm 2nd row22:49
stiv2kqman__: i dont have networkmanager but i use wicd22:51
qman__I don't know anything about wicd22:51
stiv2kholy fuck22:51
stiv2ki think the apocalypse is happening22:51
qman__but the above process will resolve any other rogue DHCP configurations22:51
stiv2kqman__: ill show you my interfaces file22:52
stiv2kqman__: http://fpaste.org/MFu1/22:52
stiv2kno ip info there, i let wicd get the static ip22:52
qman__well, you have to configure an address22:52
stiv2kwicd does it22:52
qman__like I said, I don't know anything about wicd22:53
stiv2kok22:53
stiv2kwell, i pretty much did everything you said EXCEPT i never issued ifdown and ifup commands22:53
stiv2kand22:53
stiv2ki wouldn't know which processes are dhcp processes22:53
qman__dhclient mostly22:53
stiv2kaha22:53
qman__it's very persistent that once it's run, it'll stick around and keep renewing it22:53
stiv2kthats probably where my problem is22:54
qman__unless it is killed off, it'll override your static configurations22:54
stiv2kroot     32240  0.0  0.0   2548   792 ?        Ss   Sep20   0:02 dhclient3 -e IF_METRIC=100 -pf /var/run/dhclient.eth0.pid -lf /var/lib/dhcp3/dhclient.eth0.leases eth022:54
stiv2k^22:54
qman__the ifdown/up process does that22:54
stiv2kokay22:54
qman__so does a reboot22:54
stiv2kyeah never rebooted since installing22:54
qman__provided it's configured properly, at least22:54
stiv2k38 days, 12h ago22:54
stiv2kok this should resolve it then22:54
stiv2kim going to ifdown ifup22:54
stiv2kbrb22:54
qman__it's always a good idea to reboot a new server at least once after it's set up, to make sure it comes back online22:57
qman__because it will inevitably reboot when you're not around to fix it22:57
=== kentb is now known as kentb-out
stiv2kok23:00
stiv2kwtf23:00
stiv2kqman__: after ifdown/ifup, the process is still there23:01
qman__that's what the other bit was for, sometimes they're stubborn23:02
qman__ifdown, kill manually, ifup23:02
stiv2kah23:02
stiv2kok23:02
qman__if it comes back, something is misconfigured23:02
qman__if not, you're good23:03
stiv2ki think i goti t now23:04
stiv2kgot it*23:04
smoserlynxman, what is up ?23:46

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!