[00:15] Hello how can I reconfigure a desktop with Ubuntu 10.04 to function as a headless server? What I would like to do is connect it to a laptop via crossover cable and interact with it using SSH, RDP, VNC, LTSP, or any combination fo those as well as use it as a file server? I have configured the grub to boot to console, how do I ensure that those services will start without me loggin into the machine locally? [00:17] hey guys.. i'm using Ubuntu Server 10.04 to try to setup a cloud, when i enter the cmd "sudo -u eucalyptus ssh-copy-id -i ~eucalyptus/.ssh/id_rsa.pub eucalyptus@" i get "RROR no identities found". any idea what i need to do === nomadicus is now known as Technicus [02:42] New bug: #859322 in php5 (main) "php5 crashed with SIGILL in initialize_imagick_constants()" [Undecided,Invalid] https://launchpad.net/bugs/859322 [03:21] New bug: #859341 in bacula (main) "Bacula default config flawed" [Undecided,New] https://launchpad.net/bugs/859341 [03:48] i have a question about ubuntu servers, particularly postfix-dovecot, I keep seeing things like "mail_location = maildir:~/Maildir" in which I understand that the tild/~ refers to the users home directory. But if this is a server how can the mail recipient have a home directory on the server. Surely the only user with an account on the server is/are the admin [03:48] JohnA1: users with shell accounts will have home directories [03:48] JohnA1: if your users exist only in the mail system, then ~ probably doesn't make sense [03:49] But surely there maust not be any users with shell accounts, other than the admins, and they should not be logging on to the server except to perfom main functions!!! [03:50] That all depends [03:50] twb: on what? [03:50] On what your server is for [03:50] I think it is more common for a server to have normal unix accounts than for them to have mail-only accounts. [03:51] twb: email, web, file, webdav .... [03:51] e.g. a corporation or a university would (usually) be the former; an ISP would usually configure their customers only for the latter [03:52] JohnA1: well, if you're going to be doing file sharing with NFS or Samba, the users' accounts must exist in that subsystem, too. The easiest way to integrate such things is just to give them conventional accounts. [03:53] twb: why bother they can never log on to the server. [03:54] Quick question if anyone can give me a hand...I'm in my server right now, having an issue I've had once or twice, it resolved itself last time(or rather, I accidentally fixed it I assume). I can't see anything I'm typing. It's making wget a headache [03:56] twb: i am also trying to work out to put such things as "~/.dovecot.sieve" on a system where all the email user are virtual! [03:56] Sorry, I don't know have experience with virtual users [03:56] You can wait here for someone else to respond, and/or try #dovecot and #postfix as appropriate. [03:59] TWB: thats ok I'll work it out. Just its very puzzleing when you are told that there should be no users on a server, hence no home dirs, and then lots of config stuff anchors itself to the home directories of users who should not exist!!! [04:00] I don't know who told you that, but IMO it is wrong [04:00] If you don't want users logging into the system, create normal accounts, but revoke their SSH access [04:00] (e.g. AllowGroups in sshd_config) [04:03] twb: whats the point in having user account on a server if the users cannot log on to access them. [04:03] JohnA1: er, so they have a home directory [04:04] So that dovecot and samba and friends can all just see the users by looking in the normal place, instead of having to be told about separate "virtual" users [04:06] virtual users are best suited when you have a web server with lots of domains you want separate mail-only users for [04:07] if you've got other services like that, you should use normal users [04:08] makes configuration a lot simpler, and as twb said, it's easy to restrict access to the stuff you want them to use [04:08] twb: I was about to we are gong round in circles when I saw you last comment, we have several domains [04:08] Ah, well, I don't have that problem. [04:08] I guess if it were me I would be operating each domain inside an LXC gaol anyway. [04:09] Depends if you have 10 domains or 10,000 [04:09] Can anyone tell me how to get what I'm typing into the kernel to show up as I'm typing it again? I'm in Ubuntu Server 11.04 and anything I type is hidden, but still works when I enter it. All I need to do is a simple wget but it's difficult to keep track of the url while I can't see what I'm typing... [04:10] Relatively new to server [04:11] TWB: about 15 domains, some are aliases of others, so we wind up with about 8 silos. [04:12] twb: we were using samba, but switched to webdav as this makes things easier when our purchasing/sales people are travelling particularly in China! [04:27] Then get 8GB of RAM and just run each domain as a gaol, with a separate apache and dovecot instance inside it, and conventional unix users inside it [04:27] You want to do that anyway for apache if they're doing fucked-up things like PHP, to stop one customer's bad PHP code from allowing attackers to bork other domains [05:24] Oh FFS, zenity --help won't give you help output unless you start X [05:25] Which is a big help when I'm dialled in to an airgapped prison over a 56k modem :-/ [06:13] Hello. I monitor some files on my servers like the checksum of sshd. It has changed this morning and it is probably just a security update. Anyway, can I verify the current checksum against a value on the Internet somewhere? [06:16] blinkiz: debsums, debsecan [06:17] Possibly something heavier-weight, like tripwire [06:18] twb, Thanks for the suggestions. === jpds_ is now known as jpds [07:31] New bug: #859444 in irqbalance (main) "irqbalance crashed with SIGSEGV in readdir64() (dup-of: 739364)" [Undecided,New] https://launchpad.net/bugs/859444 [07:56] morning [08:08] morning all === sh1ny is now known as shiny_home [08:46] twb: DO you have it sorted? [08:47] Daviey: er, context? [08:47] twb: zenity --help? [08:47] Oh, sorry [08:48] The problem was I ran zenity --question --test not --text [08:48] ah [08:48] Although I did get the --help output by finding a locale lucid box [08:48] *local [08:52] groovy [09:10] hi all [09:32] Daviey: could you review/accepted the nominations on bug 843701 [09:32] Launchpad bug 843701 in tomcat7 "CVE-2011-3190 Apache Tomcat Authentication bypass and information disclosure" [Undecided,Fix released] https://launchpad.net/bugs/843701 [10:10] Hey all! I need your advice - I have a root-server running Ubuntu Server 11.04. I need to set up some special software there (Wine + Software) for other people to connect over VNC/RDP and use the PC. Now my question is what's the best way to set it up. I installed x11vnc, xorg, unity and started all but I still cant connect. [10:16] You shouldn't have X on a server [10:19] twb: The "server" should be just a remote desktop - the software is 60 GB big and people use it very rarely - so I want to have a dedicated pc only for this task [10:19] Hi, can anyone tell me how to work with KVM on Ubuntu system? is it just installing ubuntu server and then the kvm packages? [10:19] PleXs: you probably want libvirt-bin on the server and virt-manager on a desktop [10:20] twb: and the hoster I use gives only Ubuntu Server version [10:21] Dramaturg_: I've stopped caring [10:22] jamespage: looking [10:22] ta: bug closed itself when fixes landed in Oneiric [10:22] but needs SRU/security fix -> lucid [10:23] (and maybe hardy - but that is backports - not done that before) [10:23] server with no x ? how do i run gui admin utils then ? [10:24] jamespage: I assume you know that security will have to sponsor that [10:24] ? [10:24] Daviey, yes - as they have to go through -security [10:25] super [10:30] in my experience its a lot easyer to run x on the server and use vnc to connect remotely [10:30] I tryed running x remotely but it did not work well [10:30] twb, is there also a web managable manager? [10:31] If you are doing system administration via a web UI, you have already lost. [10:32] x404x: you were probably using fancy-pants modern toolkits that assume you have a fat pipe (like, DMA) between the X server and the app server [10:32] twb, I just want to be able to do the administration on multiple platforms [10:33] puppet [10:47] Daviey: ta [10:59] im not sure what u consider a fat pipe, but I was remotely admining this from crappy internet cafees in thailand, 50 people sharing a 512 kb line [10:59] it can be tuned to use very little bandwith [11:05] 10GiB/s [11:05] And yes, it can be tuned, but stuff like firefox absolutely suck at it [11:06] cf. the environment X was designed for: xterm, xclock and xload [11:14] I used it with about 20 kb /sec [11:16] x404x: what, firefox? [11:42] vnc and remote admin === smb` is now known as smb [11:49] x404x: why not freenx? [12:02] rbasak: How is the console conundrum looking? [12:02] what is the advantage of freenx ? [12:02] sounds a bit familiar, I might have tried it and it sucked [12:02] NX is far superior to vnc. [12:03] vnc = bitmaps / tiles, NX is an interactive X [12:03] Daviey: AFAICT it should work now save for the apparmor restriction that jdstrand is looking at. If I write to the generated fifo manually then it goes into console_output OK. [12:03] rbasak: Fancy pushing to a PPA, so we can try on the lab? [12:04] Daviey: it won't work without the apparmor fix [12:05] rbasak: we'll teardown apparmor to prove it DTRT without apparmor? [12:05] rbasak: can you push it with version string 2011.3-0ubuntu3~ppa0 ? [12:05] Daviey: it'll be quicker for me to demo to you with the PPA, do you still want a PPA anyway or just a demo? [12:05] s/with/without [12:06] * rbasak has a system that'll give him a test virtual nova installation in one command now [12:06] rbasak: either way.. :) [12:06] rbasak: do share. [12:08] hm maybe ill try freenx then, i guess im thinking of free vnc [12:08] does it use less bandwith than vnc and runs fine on crappy modems ? [12:09] !wfm [12:09] Common Sense: Just because you can, does not mean you should (and especially recommend to others). Think before you do. "Works for me" does not mean it is ok. The latest version of everything is not always useful if you aim for stability. Please see http://geekosophical.net/random/worksforme/ [12:09] That's the main improvement in NX - performance - less bandwidth, fewer round trips, etc. [12:09] bah, i hate that defintion. [12:13] Daviey: Contrary to what you were thinking? :) [12:14] Would seem that way [12:14] Optimize to the maaax! *screams* [12:40] hi guys! I'm wondering if the red5 install using apt-get install red5-server is 100% OK [12:50] hi [12:50] does any one know how to force fetchmail to use SOCKS5? [12:51] * airtonix looks up what red5 is, sees that it is something written in java, walks away [13:01] Daviey: fyi, while it is in universe, I thought you guys might be interested in CVE-2011-1926 for cyrus-imapd-2.2 (http://www.debian.org/security/2011/dsa-2242) [13:01] jdstrand: The STARTTLS implementation in Cyrus IMAP Server before 2.4.7 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1926) === med_out is now known as medberry [13:29] morning everyone o/ [13:30] hey lynxman [13:30] hey koolhead11 [13:42] stgraber: hey, mind if I fix a couple of bugs on sssd, upstream pinged me on #sssd about them [13:43] adam_g: ping [13:44] tjaalton: feel free :) [13:45] stgraber: thanks [13:56] New bug: #859658 in postfix (main) "Add SSMTP entry" [Undecided,New] https://launchpad.net/bugs/859658 [13:59] Daviey: you're pushing the fix for 857746 today? [13:59] bug 857746 that is [13:59] Launchpad bug 857746 in qemu-kvm "Drop capabilities bit in emulated e1000" [Undecided,Confirmed] https://launchpad.net/bugs/857746 [14:10] hallyn: Do you want to review and sponsor it? :) [14:40] Daviey: ok [14:58] anyone else think Ubuntu's init system sucks so bad? like, it completely fails to /etc/init.d/memcached restart has no effect. or slapd doesn't start on boot with the freaking default installed scripts? [14:58] kev009_: it's not ubuntus, most other distros use it too [14:59] kev009_: slapd not starting was intentional.. iirc you need to edit /etc/default/slapd [14:59] (same goes with puppet.) [14:59] kev009_: not all the init scripts support the 'restart' statement [15:00] caribou: for memcached I've also added stop then start, but it seems to fail under very fast succession (i.e. from a shell script) [15:01] kev009_: that can happen if the 'stop' sequence is not completed when the 'start' sequence is called upon [15:01] start and stopping memcache often suggests you are doing it wrong. [15:01] just to stir up some flame, Gentoo's OpenRC never gave me these problems. would expect the incumbent to get something like this right. [15:02] the slapd default thing is known. best I can tell, it's choking on DNS not being up or something. circular dependency? [15:03] 11.04 on two systems with that problem fwiw [15:05] is there a log for what rm does? I've accidentally run it on a file with many symlinks and I'm not sure what it deleted on my system... === aurigus is now known as aurigus_ === aurigus_ is now known as aurigus [15:26] adam_g: ping [15:38] hallyn: was it ok? [15:39] Daviey: the qemu-kvm patch? yeah, it looked good and i pushed it [15:39] (compile-tested fine0 [15:39] hallyn: If it compiles, ship it - my mantra aswell. [15:40] hallyn: accepted btw. [15:40] Daviey: for the one-liner, signed off by aliguori, yeah that was good enough for me :) [15:40] heh [15:40] accepted? [15:41] hallyn: package uploads are on manual approval. [15:41] ramping up to release! [15:47] Daviey: oh right. thanks then :) [15:47] biab [15:55] i am trying to upload to my launchpad ppa, which i do regularly, and today I am getting a rejection error from dput stating that the GPG signature verification on my .changes file is not valid. Full output from dput here: http://paste.ubuntu.com/697339/ [15:55] ignore it, it's bug 798957 [15:55] Launchpad bug 798957 in launchpad "Uploads are seemingly (but not actually) rejected" [Critical,Triaged] https://launchpad.net/bugs/798957 [15:55] bigjools: thank you very much! [15:55] I am in the middle of diagnosing it so I've not cleared the error justyet [15:56] np [16:01] bigjools is EVERYWHERE.. waiting to ponce. [16:01] worst typo ever [16:01] err, pounce. [16:01] ) [16:02] hi [16:03] how can i see witch version package as instal?l [16:03] lynxman: pong [16:04] negronjl: ^ [16:04] adam_g: morning [16:04] from the command line [16:04] hi adam_g: I was looking for your openstack branches but, lynxman sent them my way. Thanks anyway :) [16:14] i have install the freetds package in ubuntu-server 1.10 64bits but i donĀ“t know what version as install [16:15] ubuntu server 10.10 64 bits [16:17] hey, im using Ubuntu Server 10.04 and trying to automate everything.. how do i use mysql to set a shell script variable? (IE USER='SELECT username FROM table WHERE id=1') [16:23] anyone having corrupt gfx on bootscreen with Ubuntu Server 10.04 ? [16:24] adam__: #mysql [16:25] io: im there but i cant say anything :( [16:26] adam__: echo "select name from table_name where name = 'asdf';" | mysql --disable-column-names -pyourpassword database_name [16:26] and then [16:26] username=`echo "select name from table_name where name = 'asdf';" | mysql --disable-column-names -pyourpassword database_name` [16:26] etc [16:27] keep in mind that if that column doesn't have a unique index, you may be in trouble... [16:27] adam__: if you can't say anything, the channel may be accepting only authenticated users - try /msg nickserv register|identify [16:28] adam__: "/msg nickserv help register" [16:28] adam__: the topic on #mysql specifically says you have to register to post anything [16:29] :s [16:29] thanks, i see the topic now! didnt notice it :o [16:31] adam__: anyway - that oneliner I posted will probably do the job [16:46] RoAkSoAx: Are you around? [16:46] adam_g: and you? [16:49] Ng: Are you going to be upset if i WON'T FIX bug 249443 ? [16:49] Launchpad bug 249443 in asterisk "Asterisk goes into a catastrophic log rotation loop when a conference recording hits max file size" [High,Incomplete] https://launchpad.net/bugs/249443 [16:51] Daviey: I imagine that would depend on why you WONTFIX it :) === adam__ is now known as Dori922 [16:53] Ng: because nobody other than you seems to care about it. :) [16:53] Daviey: yes I'm around what's up? Im in boston though [16:54] RoAkSoAx: Groovy! With bug 827496, it seems that template expansion isn't working with debian style preseeds? [16:54] Launchpad bug 827496 in cobbler "cobbler kickstart metadata dont affect ubuntu preseed " [High,Incomplete] https://launchpad.net/bugs/827496 [16:55] Can you confirm? [16:55] hallyn: Are you still working on bug 703811 ? [16:55] Launchpad bug 703811 in kvm "kvm guest's cpu usage with virtio storage driver goes up to 100% because of flush process" [High,Incomplete] https://launchpad.net/bugs/703811 [16:55] anyone else seeing this error on fresh oneiric server installs? http://paste.ubuntu.com/697380/ [16:56] Daviey: i don't think that's the case cause I was working with ksmeta parameters all along and it worked [16:56] Daviey: the only thing is that he needs to manually edit the preseed to reflect those paramters, but each parameter gets inot a variable [16:56] hallyn, so that lxc-oneiric does hang up pretty fast after 'euca-run-instances' [16:56] it must be shutting off networking somehow [16:56] Daviey: like USER="ubuntu" [16:56] but i dont know why it did not do that before... [16:56] Daviey: i'll assign it to myeslf and verify though [16:57] might be restricted to folk with a en_GB locale [16:57] RoAkSoAx: Fancy askig a suitable question to move it forward / incomplete? [16:57] Daviey: yes will do once I get myself some hardware to play with [16:57] smoser: *awesome* [16:57] RoAkSoAx: thanks [16:57] Anyone seen zul? [16:58] Daviey: fine :( [16:58] RoAkSoAx: I thought you had more hardware this week than you knew what to do with? [16:58] rbasak: Before you EOD, can you push a branch regarding the console fix? [16:58] or ideally, PPA it? [16:59] jdstrand is working on the apparmour issue as we speak. [16:59] smoser: yeah [16:59] jamespage, you're seeing that on oneiric server instance ? [16:59] Daviey: no [16:59] or install ? [16:59] s/server instance/cloud-iamge instance/ [16:59] Ng: Sorry.. :( [16:59] smoser: instances - both in ec2 and running on my openstack install [16:59] Daviey: im here, lost in an email but here [16:59] Ng: We both know nobody is actually going to fix it... no point it just staying active for another few years. [16:59] Daviey: it's incomplete... [16:59] i couldn't reproduce [16:59] don't get in on an install - sorry that was not clear [16:59] Daviey: it's ok, if upstream doesn't care then we might as well ditch it too [17:00] and I said install [17:00] jamespage, cloud-init is not running 'locale' [17:00] hallyn: I think if you unassign yourself, the bug will be able to die. [17:00] ah [17:00] jamespage, look at /var/log/cloud-init.log you probably have some trace [17:00] Ng: Sorry :( [17:00] i had no idea it wouldn't with an assignee! will do [17:02] smoser: http://paste.ubuntu.com/697382/ [17:02] seems to be running OK [17:02] New bug: #249443 in asterisk "Asterisk goes into a catastrophic log rotation loop when a conference recording hits max file size" [High,Incomplete] https://launchpad.net/bugs/249443 [17:02] Daviey: I can do a bzr push now and I'll do a PPA in the morning. Where should I push to? ~racb/ubuntu/nova/832507? [17:03] rbasak: works for me. :) [17:03] smoser: I can fix it up with a locale-gen for the missing locale but that does not seem right [17:04] jamespage: blame smoser. [17:04] Daviey: push location? I don't think I understand the LP magic bzr path stuff yet. [17:06] jamespage, open a bug please. [17:06] smoser: ack - on it now [17:12] rbasak: bzr push lp:~racb/ubuntu/oneiric/nova/832507? [17:13] smoser: bug 859814 [17:13] Launchpad bug 859814 in cloud-init "Locale issues with beta-2 cloud-images" [Undecided,New] https://launchpad.net/bugs/859814 [17:16] * rbasak just managed to crash bzr :-/ [17:17] not that hard to do that :P [17:18] rbasak: crikey.. stop breaking stuff [17:18] Daviey: I always manage to make everything complicated, don't I? :) [17:21] New bug: #859814 in cloud-init (main) "Locale issues with beta-2 cloud-images" [Undecided,New] https://launchpad.net/bugs/859814 [17:21] New bug: #859816 in bind9 (main) "package bind9 1:9.7.0.dfsg.P1-1ubuntu0.3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/859816 [17:31] Daviey: OK, it's in lp:~racb/ubuntu/oneiric/nova/832507 [17:32] super! [17:32] Daviey: revisions 46, 47 and 49 can probably be dropped [17:32] (or whatever you do in the bzr world!) [17:33] heh === koolhead11 is now known as koolhead11|bot [17:35] jamespage, i cannot reproduce your silly bug [17:37] adam_g: How did you get on with libvirt certs? === PleXuS is now known as PleXs [17:37] smoser: probably because you are on a Yank Locale? [17:37] ah. yeah, and LC_ is slipping through. [17:38] does ubuntu server log sudo access ? [17:39] methods1: yes, in /var/log/auth.log [17:39] Daviey: began looking at it friday PM, gonna work on it today. thinking of using the controller node as a CA that is responsible for distributing keys of new compute nodes to the existing pool [17:39] adam_g: groovy! [17:40] adam_g: I don't believe migrations works over an ssh tunnel, but if it does - is that easier? [17:40] Daviey: need to configure it manually once tho and the libvirt docs a bit RH specific. did you get it working manually with SSL or did you just disable auth? [17:40] adam_g: I used noauth... [17:40] I have previously setup certs and it was a royal pain :) [17:41] * Daviey wishes he mde notes [17:41] ok [17:43] thanks [17:46] jamespage, Daviey can you verify or refute that that behavior will be the case on any remote system that does not have the locale's installed ofr your local locale? [17:54] smoser: Hmm. [17:54] jamespage: what ami-foo did you get that on? [17:54] Daviey: well I use the most recent oneiric images in eu-west [17:54] with juju [17:55] but I also got it on a local openstack install [17:55] beta-1 and beta-2 do the sa,e [17:55] same [17:55] smoser: so, smoser-ubuntu-images/ubuntu-oneiric-11.10-beta2-amd64-server-20110921.1.manifest.xml ? [17:57] what about it [17:58] that should have this bug? [17:59] smoser / jamespage: oddly, i got a US locale [18:01] Daviey, you might have to set LC_ALL explicitly [18:01] at least i did to recreate [18:03] smoser: ah, yes [18:03] but i think this is just functioning as intended. [18:04] smoser: we only ship US locale? [18:04] smoser: is this a purely a cloud-init bug, or is this an image bug? [18:05] i think it is neither [18:05] we ship no generated locales. [18:05] on firt boot, cloud-init generates en_US.UTF-8 [18:06] at one point possibly 10.04, possibly prior, it would look at the ec2 region and eecide the locale to genrate and set as the default [18:06] (which is broken behavior i think, and i must have "fixed" that) [18:06] i believe this is mostly similar install behavior from CDs [18:06] well. sort of. i'm not sure how the installer decides which locales to generate. [18:09] smoser: What is the cost to do all the common ones? [18:10] there is a real cost every time you do an upgrade in time. [18:10] locale-gen takes real time to run [18:11] Probably too late for this cycle, but i wonder if it's worth catching the Locale on first login and generating that? [18:17] Daviey, i would think that would be a general server issue [18:17] and we could follow it on the cloud instances [18:17] and not "probably too late", but "too late" [18:19] Is there any way to resize partitions without formatting? [18:19] or losing data [18:21] smoser, Daviey: I get that on a natty image as well [18:21] right. [18:21] i commented [18:21] i suspect its an issue back to 10.04 or before [18:22] Jasonn, yes, but it is complex. [18:22] jamespage: Should we blame smoser ? [18:22] Daviey: yep! [18:23] Daviey, jamespage the real bug, is that i fyou get into the situation that jamespage is in [18:23] you cannot get out [18:23] with 'sudo locale-gen en_US.UTF-8' [18:23] or at least i could not [18:23] smoser: so better off just to reinstall? [18:23] smoser: like a cage? [18:23] smoser: hmm - not sure about that [18:23] Jasonn, you might try resizing with a live parted image [18:23] s/image/disk/ [18:24] http://gparted.sourceforge.net/livecd.php [18:24] id' give that a try [18:24] but it will tell you to back up your data [18:24] smoser: 'sudo locale-gen en_GB.UTF-8' worked good for me [18:24] hm.. [18:24] it didn't work fo rme when i was in already. [18:24] oh well. [18:27] jjohansen, could you build me a kernel of lucid-updates current with http://people.canonical.com/~smoser/lucid-loaders/dl/README.txt applied ? [18:27] you'd done that once for me before. [18:27] smoser: sure amd64, i386 or both [18:27] i think i'm only using amd64, so that is fine [18:27] okay [18:31] achiang: hi [18:31] hallyn: hi, we're playing around with a setup where we want to run ubuntu in a chroot [18:32] hallyn: right now, we do this the traditional way: set up some bind mounts, do some other stuff in the chroot, then chroot into it [18:32] it's a graphical environment so we start up gdm with autologin, etc. [18:32] hallyn: it works fine for now. but there will be a need to suspend/resume this chroot in the future, not just tear it down/set it up every time [18:33] hallyn: we're based on natty [18:33] so you mean gdm on the host, as it's .xsession or whatever, calls a script which sets up the chroot? [18:33] or do you mean gdm is running in the chroot? [18:34] hallyn: more the latter. gdm is running in the chroot [18:34] is that in vnc or xnest then? or where/how do you start the thing up and connect? [18:34] well maybe that's not yet so important, [18:34] we start gdm on the 2nd display output [18:35] have you seen lifeless' pages on setting up containers for a launchpad dev environment? [18:35] no, haven't seen them. i don't think we ever considered containers, but then i saw your planet post and realized that's probably what we need... just trying to get a better idea of how this problem might be solved [18:36] ok, 'this problem' - what's the shortcoming with what you've got? [18:36] the short coming is, "achiang doesn't know how to suspend/resume a chroot" :) [18:37] starting up a chroot can be expensive, especially if gdm has to start up, unity has to start, etc. [18:37] what exactly do you mean by suspend/resume? there is no (yet) checkpoint/restart, you can only freeze a container [18:37] freezing would be good enough for our purposes, i think [18:38] ok, you can do that without containers if that's preferable, [18:38] hallyn: sorry for the sloppy terminology, container stuff is pretty new for us [18:38] just put them into their own cgroup, and freeze with 'echo FROZEN > /cgroups/gdm/freezer.state' [18:39] but switching to containers might make for better reproducability etc anyway [18:39] is this well supported in natty? [18:39] yup [18:40] it's purely a kernel feature, CGROUP_FREEZER [18:40] hm, i'm sorry, we have a natty userspace, but i need to double-check which kernel we're using [18:40] not good [18:40] 2.6.35.7 [18:40] i think lucid has it too [18:40] yeah [18:40] lucid only disabled NET_NS. freezer should be there [18:41] to confirm, 'mkdir /cgroup; mount -t cgroup cgroup /cgroup; ls /cgroup/freezer*' [18:41] outside the chroot, right? [18:41] i'm being silly. just grep -i freezer /proc/cgroups [18:41] should still work in a chroot, but yeah on the host [18:41] we don't seem to have a /proc/cgroups [18:41] that's bad [18:42] are you in control of your kernel by chance? [18:42] we can influence some Kconfig settings, but i wouldn't say we're really in control of it, no [18:42] Kconfig settings is good enough [18:43] if there's a general backgrounder on cgroups vs containers, that's probably all i need for now [18:43] you mean a tutorial [18:43] ? [18:43] your kernel just needs CONFIG_CGROUPS=y and CONFIG_CGROUP_FREEZER=y [18:43] yeah, or a whitepaper or even a readme in Documentation/ would be fine [18:43] well, we need to make a technology choice, i guess and i'm not really informed about pros/cons [18:44] Documentation/cgroups [18:44] cgroups.txt and freezer-subsystem.txt [18:46] achiang: ping me if you have any more questions. (I'll be on another screen) [18:46] hallyn: thanks, clearly i need to go do some more homework before asking you questions [18:48] Hello, I have setup a Ubuntu 10.10 Server but it seems to sleep if I leave it a while. Then, obviously, my servers stop responding. How can I stop it from doing this? [18:50] you have X installed on a server? [18:50] RoAkSoAx: something we might want to pull in: http://git.fedorahosted.org/git/?p=cobbler;a=blobdiff;f=cobbler/pxegen.py;h=32c8f01ef246d46e31451676e0b87a6443834497;hp=889f363d4e35472d2a55e79751f698a1e80c7887;hb=8f217f054d274b801e7b8ba68fa1b7909968233b;hpb=9a2220b750a4f835f60e022e510952feed85402b [18:51] hello: If I do an iostat -x -n I see ops/s at 153, r/ops at 35 and 0 w/ops. How can there be 153 ops/s when read ops + write ops is only 35? [18:51] robos: No, I don't. [18:52] smoser: ill pull in the hostname fix [18:52] ivoks: ill pull in the gateway fix [18:52] robos: I installed it onto a laptop and it keeps sleeping. [18:52] Sorry, Static, i've never seen such a thing unless X was installed [18:52] oh [18:52] zul, iw as about to prpose it. [18:52] a laptop... [18:52] is there a way to assign the FQDN as the hostname of an ubuntu server instance? [18:52] FQDN of the server* [18:52] smoser: cool beans [18:53] smoser: ill pull in the branch then ;) [18:53] Yes, it's an old one that I could find no better use for. :) [18:53] Static, i only know how to fix that one from the gui [18:53] but actually... i'll let you do it [18:53] as it looks like the branch is broken to me, zul === shiny_home is now known as sh1ny [18:53] smoser: broken as in how? [18:53] wait.. maybe not. jsut aminute [18:53] robos: Ah, okay. [18:55] Daviey: is there anything else on your list that we need to backport for? [19:00] zul: Nothing has jumped out at me, but if you wanted to go through all the core projects trunk and see if there is anything you think? [19:00] ack [19:01] ill probably do an upload on wednesday [19:01] zul: alright.. thought u were doing another git import [19:01] RoAkSoAx: i was... [19:01] RoAkSoAx: but you guys were doing the ense...i mean juju stuff and didnt want to screw you over :) [19:02] zul: are the nova-compute-* packages the only ones that make use of an additional --flagfile? [19:02] zul, where should i push this for you to pull ? [19:02] adam_g: yeah...ill pull in your fix for that as well [19:03] should i just push to lp:ubuntu/nova ? [19:03] ~ubuntu-server-dev/nova/diablo is the branch i do uploads for [19:03] so push there? [19:03] zul: no wait [19:03] smoser: yes please [19:03] zul: i think we can fix it in packaging. ill get something prepared later today [19:04] adam_g: k [19:04] zul: hehe ok [19:05] RoAkSoAx: i could schedule one for friday though [19:06] TheEvilPhoenix, yes you can [19:06] sh1ny: how? [19:06] and no i dont mean RDNS :P [19:08] in /etc/hostname put the name part [19:08] in /etc/hosts put the ip that you want to be resolvable and the hostname [19:08] i got something like this [19:08] 127.0.0.1 localhost [19:08] 83.148.126.67 blackwing.dodo.bg blackwing [19:09] i see [19:09] thanks [19:09] you might need to [19:09] /etc/init.d/hostname start [19:10] zul, ok. i pushed there. [19:10] smoser: cool thanks :) [19:10] pushed as UNRELEASED though [19:11] smoser: sweeet [19:11] zul: alright [19:12] zul: So something that is apparent, is merging of the conf files isn't so hot. [19:12] Daviey: how so? [19:12] zul: In euca, we has a 'distro default' and a user overides file.. some didn't like that, but it wasn't so bad [19:13] perhaps we should have used ucf or something [19:13] Daviey: so maybe something like ucf [19:13] im not a big fan of ucf [19:13] but sure [19:14] well /something/. [19:16] New bug: #859914 in tomcat6 (main) "package tomcat6 6.0.28-10ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/859914 [19:17] smoser: Something the OSAPI has added is ability to change your mind for X seconds if you terminate an instance, would it be abuse to consider adding that feature next cycle to ec2? [19:17] So if enabled, terminate puts it in stopped status for X seconds, before really terminating? [19:18] or show terminating, but allow it to be rebooted. [19:18] utlemming: Have thoughts? ^ [19:18] i think openstack api is garbage in a lot of places [19:19] amazon has a solution , which i think is sufficient [19:19] you modify-instance-attribute and turn on "disableApiTermination" [19:19] then it wont die [19:19] essentially the same as 'rm' versus 'rm -f' [19:20] smoser that flag saved my ass a few times when i wasn't paying attention - very useful to have [19:21] I think the 'X' seconds part of it is somewhat "fanatical" [19:21] sillyness [19:21] but... i just learned of it now. [19:22] smoser: Ok [19:22] doesnt amazon has a api call saying yes keep my images alive or something? [19:24] zul read above [19:24] Daviey, don't you think that is a bit silly? [19:25] do you think there is real value in "protect me from my self for X seconds" more so than "protect me from myself" ? [19:25] i'd think it would be useful to have make map disableapitermination in the ec2 api to setting that timeout to 2^32 or something. [19:28] smoser: we need to go through the ec2 api doc and see whats missing and see whats not kosher [19:30] zul: ack [19:30] smoser: Sure, but i can see it being a nice optional feature [19:30] which means i have to start reading this week [19:36] utlemming: ping [19:37] zul: Hah.. it isn't compliant, and getting it so before release = fat chance. [19:37] Although aws isn't ec2 compliant either. :) [19:38] thank god for standards....*grin* [19:40] Do you guys care about strict EC2 compliance? [19:40] Anyone want to tackle a FTBFS? [19:41] Daviey: what do you need ? [19:41] soren: I think compatiable is more importiant than total compliance, which means there is an overlap.. as someone using it in an odd fashion might expose fail.. which leans towards strict being good. [19:42] ikonia: bug 831121 [19:42] Launchpad bug 831121 in dovecot-antispam "dovecot-antispam version 1.4~rc3-1 failed to build in oneiric" [High,Confirmed] https://launchpad.net/bugs/831121 [19:42] let me have a look [19:42] ikonia: bug 831179 [19:42] Launchpad bug 831179 in dovecot-metadata-plugin "dovecot-metadata-plugin version 0.0.1~hg144-0ubuntu1 failed to build in oneiric" [High,Confirmed] https://launchpad.net/bugs/831179 [19:42] super! [19:43] Daviey: It's sort of an odd situation. The rule about being liberal in what you accept and conservative in what you give back is sound in the general case, but if someone were to use OpenStack as a way to test if their stuff will work with EC2, we need to be strict/liberal in the exact same way as EC2. Which sounds like boring, tedious work. [19:43] I'll setup some VM's, Daviey whats time lines/urgency ? [19:43] 831121 certainly looks do-able [19:43] smoser / zul: worth us cherrypicking bug 854614? [19:43] Launchpad bug 854614 in nova "metadata service local-hostname is not fqdn" [Undecided,In progress] https://launchpad.net/bugs/854614 [19:44] sorry 831179 I meant [19:44] soren: agreed.. then do you make the same non-compliant things that AWS does, or follow the spec? [19:44] Daviey: Oh, that's easy. Always do what EC2 does. [19:45] ikonia: as soon as possible, ideally before this thursday. [19:45] soren: EC2 doesn't 'do', it's a spec. :) [19:45] Daviey: I don't consider it an API specification as much as I consider it documentation of how things are (supposed to be). [19:45] Daviey: I'll set something up now and see if it's something I can help with [19:45] Daviey: may need a few "process" advice tips if I can get this working [19:46] ikonia: Rocking, feel free to ask questions in here, -motu or -devel if you want a hand. :) [19:46] Daviey: sure. [19:46] Daviey: There's no use in implementing what's in the "spec" if EC2 doesn't. We won't win any friends by claiming to be "the more correct EC2". [19:46] Daviey, that is already cherry picked. [19:46] smoser: gah [19:47] soren: Hmm, are you using EC2 to talk about AWS's implementaion? [19:48] We should do exactly what EC2 does. It just so happens that they've been nice enough to document what they do pretty well. Occasionally, they get their docs wrong, but we're not implementing an open spec. [19:48] I am indeed. [19:48] * Daviey finds that confusing [19:48] That is like saying, lets do what HTTP does, when they are talking about apache. [19:49] What would you call the thing that I call EC2, then? [19:49] I don't care much about the exact nomenclature as long as we can share it. [19:49] soren: AWS [19:51] "AWS" in my dictionary is the collection of the various services: EC2, S3, etc. [19:51] But whatever. [19:51] Let's call it AWS. As long as we share the terminology, we can talk :) [19:51] Hmm, you could be right [19:52] soren: so with bug 715443, i made it stricter than AWS's EC2 - but matching the EC2 published spec AIUI [19:53] Launchpad bug 715443 in nova "EC2 APIs Create Keypairs/Security Groups etc above database column limits gives weird results" [Low,Fix released] https://launchpad.net/bugs/715443 [19:53] you think that was wrong? [19:54] Did it just truncate those names before? [19:56] Anyways: I'd prefer to do what AWS does. If that means accept arbitrarily long names for stuff, so be it. However, imposing a 255 char limit, but in the process ensuring that if someone creates a security group by some name, they can retrieve it again by that name, then that's an improvement. [19:56] * soren needs to spend time elsewhere [19:57] a) my office is super dusty because a painter was here today sanding the walls, and b) I'm traveling tomorrow so shoud be spending time with the missus. [20:01] soren: I believe amazon lets you have other stuff, rather than just spaces, dashes, and underscores.. but the spec states just that [20:01] The length AWS handles correctly [20:01] soren: have fun o/ [20:02] Daviey: smoser just did [20:03] zul: did what? [20:04] ah, bug 854614 [20:04] Launchpad bug 854614 in nova "metadata service local-hostname is not fqdn" [Undecided,In progress] https://launchpad.net/bugs/854614 [20:05] sorry had to pick up liam from the bus [20:05] smoser: It would be really good if you included LP: #BUGNUM syntaxt in changelogs :) [20:06] which changelogs ? [20:06] oh suck. [20:06] sorry. yeah. i thought i did. [20:07] dont worry ill do it right i forgot to do one for i did [20:09] Daviey: i agree we should do what ec2 supposedly do do === Jasonn is now known as Jasonn|NotHere === Jasonn|NotHere is now known as Jasonn [20:10] zul: does the patch you added have a bug num? [20:10] i just pushed smosers [20:10] Daviey: it does now :) [20:10] wait, i didn't.. you beat me zul :) [20:12] Daviey: did you get any traction on that keys disapearing bug? [20:12] hey Daviey, any idea how uvirtbot is configged to just find the bug informations and then display new bugs here? [20:12] * TheEvilPhoenix was wonderingi how the bots do that [20:13] zul: I am leaning towards it being a bad merge, where --deprecuated-auth was lost [20:13] deprecated* [20:13] zul: Once i enabled that on all the componets, it seemed to come back [20:14] TheEvilPhoenix: Uses the LP api.. there are three different bots, uvirtbot, ubottu (and clones) and mup. [20:14] Daviey: ah. i assume just some kind of timer to routinely check, or something?L [20:14] Daviey: ack [20:15] TheEvilPhoenix: there is actually an atom feed, but i suspect it processes via bug mail. [20:15] i see [20:16] SpamapS: Are you looking to get those transition bugs resolved this cycle, or is it one for next? [20:18] Daviey: who manages uvirtbot? and do you know what its framework is? [20:19] * TheEvilPhoenix assumes python/supybot but isnt sure [20:19] Daviey: runlevel1 ? those can wait [20:20] SpamapS: yeah, thanks [20:20] Daviey: they're a necessity next cycle, but its not worth spending valuable resources on anymore for 11.10 [20:20] TheEvilPhoenix: soren manages uvirtbot [20:21] thanks, i'll ask questions to soren then when i have them. [20:21] on another note, Daviey, got any more beta ISOs you need tested? [20:21] :P [20:22] TheEvilPhoenix: testing the latest daily is always appreciated, but no candidate images which need acceptance testing. [20:22] Daviey: link to the dailies? [20:23] TheEvilPhoenix: bug triage is something that we really need help with :) [20:23] TheEvilPhoenix: http://cdimage.ubuntu.com/ubuntu-server/daily/current/ [20:25] wtfh... slow laggy system today >.> [20:25] * TheEvilPhoenix has a download speed of 5KBps >:( [20:26] ehh [20:26] i'll download it from a campus computer and throw the image onto a usb drive in about an hour [20:27] then i'll start testing the daily iso :P [20:27] TheEvilPhoenix: rocking! [20:28] zul: seen bzr commit -m "foo" --fixes=lp:bugnumber ? [20:28] no i havent [20:29] It logs the bug number in the bzr metadata, and links it to the bug report. [20:30] ah sweet.... [20:30] * zul puts it in his notebook [20:31] i dscovered it by accident [20:57] New bug: #860019 in mysql-5.1 (main) "package mysql-server-5.1 5.1.58-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/860019 [21:03] smoser: yeah, probably right [21:03] Daviey, zul both of you, use 'debcommit' [21:03] then it just works [21:03] (but obviously not if you do not type LP: # in the commit message) [21:04] Daviey, did you mean to milestone https://bugs.launchpad.net/bugs/859814 [21:04] Launchpad bug 859814 in cloud-init "Locale issues with beta-1/2 cloud-images" [Low,Incomplete] [21:04] smoser: debcommit when we are fixing your mess? [21:04] i really have better things to do than fix a bug that existed for 2 years in the final week of this release. [21:04] 22:02 < Daviey> smoser: yeah, probably right [21:04] why wouldn't you use debcommit when fixing a mess. [21:04] i prempted your question by 2 mins, i am GOOD> [21:04] i dont know what "probably right" meant. [21:04] ah. [21:32] need help recovering my raid 10 array [21:35] smoser: http://people.canonical.com/~jj/smoser/ [21:35] i have 4 disks in raid 10 software using mdadm, i was recovering one disk, when i lost another, i seemed to luck in as i could still access the files on the device, so i figured i had lost one of each of the raid 1 mirror disks, instead of two on one side of the raid 0 part [21:36] sorry I forgot about it after I kicked of the build [21:37] so i removed the failed disk's, and re added them to get mdadm to re sync again, then the mount for the raid 10 device went invalid, and isn't starting back up when i reboot [21:38] hmm why do my linux raid get recognised as /dev/md127 instead of md0? :O [21:42] try sudo mdadm --help [22:04] What is the reasoning behind USERGROUPS=yes in /etc/adduser.conf ? [22:04] all i have been able to find is that changing it to no is not recommended, but not why [22:17] can someone help me get dropbox working on my US 11.04 [22:18] i've followed the guide on the site, but when i run it it just freeze :( [22:28] nvm [23:04] did u get it working tiphares? [23:04] ye [23:04] what was the problem? [23:04] funny how everything magically works once you ask for assistance [23:05] don't know, don't care:P working now [23:21] m_3: hey I have a fix for bug 854866 that I'm about to upload.. I just ran into it myself. :P [23:21] Launchpad bug 854866 in ganglia "some ganglia packages won't install because of useradd" [High,Confirmed] https://launchpad.net/bugs/854866 [23:23] m_3: I see your patch, which looks more "correct" than my fix, but I'm concerned about changing that much all at once this late. [23:30] zul: ping [23:41] how do i get rid of a raid array? it's stalled and won't let me access any information about it in mdadm [23:42] hey guys. i just pulled the hdd out of my old server and put it in a newer server, the hdd having ubuntu server installed. now, none of the network interfaces appear under /etc/network/interfaces or ifconfig. ideas? [23:44] @josheee12 try ip addr show [23:45] i see lo, eth1, eth2 (which is presumably correct. i have the onboard ethernet plus a usb ethernet adapter for testing). what do now? [23:47] ok so what do you do see in ifconfig ? [23:48] just lo [23:49] ok so just add the auto eth1 and auto eth2 lines to your /etc/network/interfaces files [23:49] file* [23:50] then ifup eth1? [23:51] i think so [23:53] thank you dearly [23:53] :) [23:53] now if i could just reset this stubburn raid array [23:53] and NOW, to move all my MAC-configuration over [23:54] *mac-based [23:54] i'd offer to assist if i didn't break my own raid array last time i tried fixing it [23:54] thank god i has 3 drives on raid 1