[00:00] remove the network/broadcast/gateway/dns* [00:00] Patrickdk: nooooo [00:00] Patrickdk: :1 bullshit is the old stinky way [00:00] hmm? [00:01] using up, isn't new/better [00:01] Patrickdk: ifconfig doesn't understand that interfaces can have zero, or many, addresses, so that :1 stuff is a dirty hack [00:01] as it does the exact same thing [00:01] eth0:1 doesn't even use ifconfig [00:01] so why does it matter? [00:01] Er, ifupdown uses ifconfig internally as at 0.6 [00:02] twb, but ubuntu doesn't use 0.6 anymore [00:02] twb where have you been living? :) [00:02] LTS [00:02] he said 11.10 :) [00:02] OK I missed that [00:02] But I still think :1 is a stupid stinky way to simply have multiple addresses [00:02] it is [00:02] but as long as the interfaces file supports it [00:02] why use a nother hack to get around a hack [00:03] atleast the supported hack is suppost to be supported :) [00:03] iface eth0:1 static, is the same as ip addr xxxx, now [00:04] and that is what has caused the issue with ifupdown [00:04] that we are getting fixed on debian/ubuntu [00:04] ifup works fine [00:04] issue is ifdown [00:04] but that won't really affect him [00:04] meh, I don't see inet manual as that big a hack [00:04] inet manual? [00:05] see pastebin [00:05] now i did the following: auto eth0:1 iface eth0:1 inet static address 94.247.88.245 netmask 255.255.255.255 but still not working [00:05] oh, that is very dirty hack to me [00:05] how can I take down/up one ip at a time [00:05] expecially for failover [00:05] not with that code [00:05] Use ip, I guess [00:05] I haven't ever needed to do that [00:06] I only do in my ipvs configs [00:07] nicolas, what is classified as not working? [00:07] I guess what it boiils down to is that ifupdown has pissed me off enough over the years with being baroque and flaky, that I use inet manual because I can see what's happening and it tells ifupdown not to be clever [00:07] what was the *test*? [00:07] And obviously setting netmask and/or brd by hand blows [00:07] trying to ssh or entered into the browser: no respone [00:08] output of 'ip a' [00:08] IN A PASTEBIN [00:09] I am trying to find how to use the pastebin :$ [00:09] http://pastebin.ubuntu.com [00:09] copy/paste, click submit :) [00:09] http://pastebin.ubuntu.com/718385/ [00:09] thanks! :) [00:10] heh? eth1 is still active [00:10] ifdown eth1 [00:10] ifup eth0:1 [00:10] then pastebin again [00:10] ok [00:12] twb, I used to do a /etc/init.d/networking restart :) back in 7.04 :) [00:12] glad I have stopped that [00:12] not even sure why I did that anyways, probably just being lazy [00:13] Patrickdk: because if you do it remotely without screen, bad juju can happen [00:13] http://pastebin.ubuntu.com/718386/ [00:13] always did it remotely without screen :) [00:14] nicolas, oh, you removed eth1 already so you can't ifdown eth1 :( [00:14] add auto eth0:1 [00:14] so it looks like eth0 [00:14] or it won't come up after reboot [00:14] ok [00:14] and type in, ip set link dev eth1 down [00:14] actually [00:14] ip link set eth1 down [00:14] then pastebin once more [00:16] ok thanks!! [00:18] http://pastebin.ubuntu.com/718393/ [00:18] looks good [00:19] yes but still cannot connect with the ip 94.247.88.245 via ssh or when i enter into the browser it is timeout :S [00:21] is this server at a colo? [00:21] Nicolas: should that be a /32 ? [00:21] most likely the mac is cached on the swithc/router [00:21] and can take 8hours to timeout [00:21] oh [00:21] Seems to me you want both to be /24's and the .164 to be primary [00:21] twb, I always use /32 for aliases [00:21] Patrickdk: huh, I'm surprised it works [00:21] cause it doesn't matter as long as one ip is within the netmask of the gateway [00:22] twb, why? [00:22] It just looks like it shouldn't [00:22] I have had mixed results of it not working when I don't use /32 [00:22] where /32 always works [00:22] Mine looks more like this, and FWIW it works fine: http://paste.debian.net/139599/ [00:23] anyway, 245 would be the "master ip" and the 164 is for only one domain but I can change the domain's dns records once it works well :) [00:23] Nicolas: primary vs. secondary only matters here for outbound traffic to that net, and since you have a /32 it doesn't matter at all [00:24] Nicolas: outbound traffic will always pick the outbound /24 as the source ip [00:24] Nicolas, what is the network it's plugged into? [00:24] is it under your control or not? a colocation/vps place? [00:24] Incidentally when testing recommend trying ICMP echo-request and -reply before SSH; ICMP is connectionless so if you fuck up and have e.g. triangle routing, you can still see the response packets. Might want to tcpdump, too [00:25] * Patrickdk still bets it's a cisco router doing 8hour arp mac caching [00:25] the server is at a hosting company [00:25] that way customers are less likely to spoof other customers [00:26] well, arp poison [00:26] :-) [00:26] Should just use IPv6, no ARP there :P [00:26] sure it is, just renamed to nd :) [00:26] I did something stupid and `rm /etc/ldap/slapd.d/*` and tried to uninstall slapd, although it backup up files in the directory I removed, therefore it freaks out and stops uninstalling, and I want to get slapd reinstalled fresh; any ideas? [00:26] same thing, same issue, same solution :) [00:26] Hum, I thought it was IPsec'ized ICMPv6 [00:26] but atleast it lives in the ip layer then [00:27] no [00:27] Stupid tutle book lied to me! [00:27] arp in ipv6 is called ND, works the same as arp basically [00:27] *turtle [00:27] but ND lives in ICMPv6 [00:27] Well, that's lame [00:27] instead of directly on layer2 [00:27] I assumed it was protected by ipsec [00:27] no, it means you can do ND over layer 3 :) [00:27] it makes it really nice for like tunnels and stuff [00:27] i so I have to wait 8 hours? [00:27] so you don't always hve to use tap [00:28] Nicolas, normally, or ask your colocation people to reset it [00:28] Now I will have to go back to plan B, which is to turn off arp/nd and hard-code ip neighbours tables in /etc/ntab or so [00:28] ok, thanks! [00:28] twb, no one said you can't run icmpv6 on ipsec :) [00:28] but it doesn't by default [00:28] Patrickdk: hum, OK [00:29] I mean, it's ipsec, how would it do that by default :) [00:29] Patrickdk: I thought it was required for the "change-y" bits [00:29] change-y? [00:29] Like echo reply wasn't secized but stuff like "hey your new route should be over here" was [00:29] twb, nope [00:29] RA, ND, ... are not protected at all [00:30] same issues as ipv4 [00:30] there might be a future additon map planned to do so, but not in use [00:30] I haven't read all rfc's [00:30] but I have read most, and haven't run across that [00:32] I have changed the 88.245 to 88.165 and here it is the result: http://94.247.88.165/ [00:33] so i have to set the config file to 245 and wait for the switch... The guy tried to reset it but cannot do it [00:34] ya, if another ip works just fine [00:34] it's just arp/mac caching [00:34] if they dunno how to reset it, just let it timeout [00:34] normally the highest they can set it to is like 8hours [00:35] ok, thanks!! [00:35] thanks for your help! [00:38] So yes, is there a way to completely rid of the history of a package? === medberry is now known as med_out [00:39] OK, who knows how to configure nut? I have the master running on lucid, but I have a couple of old, fucked-up hosts that can't easily run upsmon. So I need the master to use ssh forced-commands to shut them down at the right time -- I think I do this with NOTIFYCMD, but I'm not too sure what a worked example would look like. [00:41] Actually, a better way I think would be to replace SHUTDOWNCMD with a wrapper that SSH's the dumb hosts, then does the existing "shutdown -h now" [01:12] oh... I'm trying to implement a traffic control on lucid. [01:14] I've created a qdisc with htb and class with rate 512kbit and subclass with rate 128kbit and ceil 128kbit. But when I'm gonna do some download, get up of that. [01:16] I've only had success limiting upload, downloads don't seem to work no matter what I do [01:19] ingress queuing is nontrivial [01:19] I've not tried the upload, but you get me on a ideia. Try over the local interface, the problem is the local traffic will be limited. [01:19] It isn't helped by the kernel people pushing IFB when the rest of the world is sticking with IMQ [01:19] I'll do some testes about it. [01:19] you can mark traffic by its originating point [01:19] with the iptables rule [01:20] And OBVIOUSLY you can't directly reduce the number of packets sent to you [01:20] s/number of/rate at which/ [01:20] You can fiddle-fart around with e.g. TCP congestion stuff [01:21] as in, rather than just mark all traffic destined to the LAN, only mark traffic that came from the internet [01:22] qman__: I [01:22] qman__: I'm doin' in that way. [01:22] What's the actual goal here? [01:23] twb: traffic control coming from the internet. [01:23] tc as in rate limiting, prioritization, or both, or something else? [01:23] yes. [01:23] :-) [01:23] well, that's the means [01:24] what's the situation requiring it? [01:24] I haven't done much myself but AIUI you want to go read about IMQ and/or IFB [01:24] qman__: good point [01:25] but... I'm using it and had define the rate and ceil, but the download always get up of that. [01:25] using TC I meant. [01:25] I use it on my torrent box to limit global uploads and be nice to everything else on the network [01:25] lucascastro: so you tried something, and it didn't work? [01:25] I don't actually have any shaping or QoS on my router [01:25] works better without it [01:25] qman__: you probably have pfifo_fast [01:26] twb: no pfifo_fast on the interface that htb it is. [01:27] I checked it. [01:27] I'll read abou IMQ and IFB [01:28] I meant on his router [01:28] That allegedly does no qos [01:29] twb: Oh, yeah, sure. [01:29] well, by that I meant it's just defaults [01:30] no special configuration [01:30] ubuntu server with ip_forward=1 [01:59] pfifo_fast is the default on linux [01:59] It fifo buckets by ToS [02:07] SpamapS, kirkland what apt mirror software do you use use? [02:08] my full rsync mirror is running out of space thanks to precise. so i need a approx or squid-deb-proxy [02:12] smoser: debmirror [02:17] smoser: just plan squid now [02:18] do you do anything to seed the development release ? [02:18] ie, to keep it fresh while you sleep [02:18] and can you share config ? [02:19] kirkland, ^ [02:19] smoser: nope, i suffer through the first one [02:19] twb, thanks for your input. for some reason i tihnk i'm leaning towards the caching proxy. [02:19] smoser: and gravy after that [02:20] smoser: cos yer dumb :P [02:20] well, yes. [02:20] but i think in the end it gives me better use of what i need here. [02:22] kirkland, configs ? you just run squid on one box and point the others at that? [02:23] smoser: FWIW everyone I've met that runs either debmirror or apt-mirror has been happy with it and hasn't had any problems [02:24] smoser: and you can tell not to download e.g. priority: extra or section: games [02:24] twb, well i was happy with the rsync mirror until i ran out of space. [02:24] plain rsync will pull in *everything* for all arches [02:24] Oh, and debmirror can use rsync as a backend :-) [02:24] 10:33 http://paste.debian.net/139591/ is what I do, it uses 78GiB today, and it pulls from an unmetered ISP mirror so I don't care. [02:25] But I'll stop the advocacy now :-) [02:32] twb, you make a convincing argument [02:32] hello [02:32] we upgraded the mailserver to a new hardware yesterday, but during the upgrades we plugged and unplugged the old server several times, which means some new emails from yesteday stayed on the old box [02:32] we have the old server mounted over NFS on the new one - how do I reliably copy only the missing files from the old Maildirs to make sure people get their emails? [02:33] rsync, cp -ru ? [02:33] BuenGenio: IIRC maildir more or less just deals with that [02:33] cp -rnv I imagine [02:33] Fuck, I don't know [02:33] Best is just to let the users deal with it themselves by leaving dovecot running on the old system for a week [02:34] That's what I did [02:34] problem is we switched to the new server [02:34] "Dear users, the new mail server is the old one is still ; in a week the latter will vanish, if you want that mail kept, move it from to before then." [02:34] so I unpacked the backup of the mail from the previous day [02:34] I run into this problem on a regular basis with windows servers [02:34] which means there's a day's worth and a bit missing [02:35] Or just say "tough shit, you lost some mail." [02:35] basically, if they're picky, I go in their outlook and do it for them, otherwise they're just cool with it [02:35] "Be thankful you get anything" [02:35] Tell them to treat it like an unexpected outage [02:36] most customers understand that when you replace their server, sometimes shit happens [02:37] for the rest, you just have to spend the time picking through their mail, or risk losing them [02:37] i'd rather they didn't [02:37] it's a rather large company, and I'm working here [02:38] twb, so stupid question [02:38] what happens when i i use debmirror and the cache misses ? [02:38] How do you mean? [02:39] debmirror creates a conventional first-class (i.e. internally consistent) apt repo [02:39] It's not a cache in the sense that it's partially missing [02:39] right. so when it misses, what happens? [02:40] say you had told it to not include '--section multiverse' [02:40] and then 'apt-get install some-multiverse-pkg' [02:40] You get "no such package, WTF are you talking about" [02:41] What I typically do, mainly to guard against the debmirror cron job breaking, is to add a second entry for mirrors://... or so, so that if I ask for something not mirrored, it'll fall back on upstream (probably via squid) [02:41] ok. that swhat i was asking. [02:43] Right, sorry, I misunderstood the question at first [02:43] Another example would be that I don't mirror sources at all, so deb-src just points straight to upstream [02:52] anyone know why nginx does not work with php5-gd? [02:52] nginx is configured to work with php, but it won't recognize php5-gd === med_out is now known as medberry [03:03] twb, mirror started. thanks. === medberry is now known as med_out [03:09] OK, let me lay this on you [03:09] I have a host with- no, that can't be the issue [03:10] OK, so I have a KVM VM running lucid server, it's a client for LDAP/SSL and NFSv3. [03:10] Three times now I've caught it completely failing to run users' cron jobs [03:10] This time, cron is running and the problem occurred after the VM was rebooted. IIRC the previous two times, cron wasn't running at all. [03:11] I was about to say "it's because it can't read /home when cron starts", but the crontabs live in /var/spool [03:11] One of the cron jobs is a script that automatically siphons money into my bank account, so I'm not anxious for it to silently stop working :-/ [03:25] What would be a reason for an NFS share not mounting until a user authenticates? [03:26] Takyoji[laptop]: krb? [03:26] Takyoji[laptop]: what's fstab say [03:27] The params are: rsize=8192,wsize=8192,timeo=14,intr [03:27] Pastebin the entire fstab and the entire /proc/mounts [03:27] I'll have to login on the other system then, one moment [03:28] Might as well paste exports and thingo from the server, too [03:29] http://paste.ubuntu.com/718479/ [03:32] no auto? [03:32] or is that not needed anymore? [03:32] Server http://paste.ubuntu.com/718480/ [03:32] ahh, perhaps it might be needed [03:32] qman__: for NFS? [03:32] I'll test the on one system [03:32] I'll test that on one system* [03:33] NFS at boot time is pretty much broken by upstart, at least in lucid [03:33] mountall(8) is a great steam pile of kludge [03:33] heh [03:33] I'm behind the times with NFS anyway [03:34] So I'd probably have to resort to writing an upstart script? xP [03:34] Hay, auto helped [03:34] Takyoji[desktop]: har har [03:34] You sir, win one free internet and a stuffed penguin! [03:35] Takyoji[desktop]: more like throw away upstart and use a deterministic boot process [03:39] How can I get nginx to start on boot in Oeniric? [03:39] I set this thing up on 7.10 and haven't touched the configuration since, continued to work through all five release upgrades [03:40] figured it was worth mentioning it [03:52] magn3ts: install it? [03:53] twb, yeah, that's not cutting it. :/ [03:53] twb, I thought that's all I did in 11.04, but it didn't do such in 11.10 :[ [04:33] win 3 [04:34] magn3ts: does it provide an /etc/init or only an /etc/init.d? [04:43] I've run "/etc/init.d# update-rc.d myprocess_stop stop 1 0 1 6 ." which adds the appropriate links to /etc/rc0.d rc1.d and rc6.d. however the scripts are called until AFTER a reboot. any ideas? [04:43] Blergh [04:44] cjs226: it happens after a reboot because you're in single-user mode (runlevel 1) [04:44] no, I'm in runlevel 2 [07:36] hi i've got a usb wireless adaptor which is using RALink RT2870 chipset.I had it working on my ubuntu server edtion 11.04 until recently when I upgraded to 11.10. Can someone help me with it please [07:44] Hello all [07:44] My PostgreSQL db is saying "could not fork new process for connection: Resource temporarily unavailable" [07:45] Where should I look first? The system doesn't seem to be under heavy load (well the three load numbers in top look > 1, but actual cpu usage seems low) === almaisan-away is now known as al-maisan [08:17] hi i've got a usb wireless adaptor which is using RALink RT2870 chipset.I had it working on my ubuntu server edtion 11.04 until recently when I upgraded to 11.10. Can someone help me with it please === the-mgt_ is now known as the-mgt [08:46] New bug: #881304 in keystone (universe) "issues with ec2 middleware" [Undecided,New] https://launchpad.net/bugs/881304 [08:58] morning o/ [09:03] I'm looking through the man page and other sources for rsync, and I'd just like to make sure it's the best option before I start using it. I would like to syncronize files on my Windows 7 desktop and netbook (Large files like videos or large amounts of smaller files like music) and keep the most up to date version on my server at home. Is there a faster way to do this than learning rsync, or should I just go for it? [09:04] To clarify, I want to take files from my desktop and have them sync up to the server and then back down to my netbook, and vice versa [10:12] hello i have a problem connecting wpa_supplicant to a hidden wpa network :/ it does not connect [11:00] hi all [11:12] New bug: #881361 in puppet (main) "puppetmaster-passenger fails to install with puppet 2.6.4-2ubuntu2.5" [Undecided,New] https://launchpad.net/bugs/881361 [11:24] lynxman: How is mcollective looking? [11:36] Daviey: almost done! [11:41] lynxman: crikey, if it is this complicated - we are doing something wrong [12:02] mdeslaur: around? [12:02] Daviey: yeah, looking at busted puppet [12:03] mdeslaur: Are comfortable triaging it? [12:04] Daviey: huh? I'm working on it, it's busted because of the security update (se much for the test suite...) [12:04] mdeslaur: Oh yes, just wanted to clarify that you are driving the issue? [12:05] Daviey: yes, I am, you can assign me to whatever bug comes in [12:05] rocking! Thanks mdeslaur [12:06] * koolhead17 pokes Daviey [12:07] * Daviey frowns at koolhead17 [12:18] :P [12:18] Daviey: how should i handle that php error issue during compilation then? [12:18] hey lynxman [12:23] koolhead17: sorry, can you pastebin the error again? [12:24] (FWIW, Debian switched to git packaging and somewhat tried to switch to native packaging, badly.) [12:24] Daviey: http://paste.ubuntu.com/718047/ [12:25] koolhead17: the lintian W's are all warnings, which are on the Debian package aswell. [12:25] It's not something you have introduced. [12:26] The gpg error is because you don't have a gpg key, but you don't need that to get sponsored. [12:26] So it's all ok [12:26] Daviey: whats next step now :) [12:28] koolhead17: have you built the package? [12:28] pbuilder-dist precise i386 build *ubuntu2.dsc [12:28] then install it from ~/pbuilder/pubilder_i386-result/*.deb (iirc) [12:29] then run "php5" and see if you get the warning [12:29] (best confirm this before installing) [12:29] k [12:30] m_3: Are you around sir? [12:32] Daviey: i should run chroot once am inside builder directory ? [12:33] koolhead17: erm, no [12:40] Daviey: i am on oneiric machine and currently inside the pbuilder/precise_i386_result directory. i can see many .deb pkgs there. [12:42] koolhead17: kool [12:43] erm, so run "~:$ php5" [12:43] you shoudl see the error, correct? [12:43] yes [12:43] :~/pbuilder/precise-i386_result$ php5 The program 'php5' is currently not installed. You can install it by typing: sudo apt-get install php5-cli [12:44] koolhead17: so, sudo dpkg -i *sqlite*.deb [12:44] err, wait [12:44] :p [12:44] That is not the error, i was talking about [12:44] Daviey: looks to me like bug 858878 is an architectural issue with cobbler-web and any patch will not be trivial [12:44] Launchpad bug 858878 in cobbler "lack of csrf protection in cobbler-web" [High,Triaged] https://launchpad.net/bugs/858878 [12:45] Daviey: cobbler-web is using things like GET requests with side effects [12:45] rbasak: Have you managed to create a minimal testcase which proves it's an issue? [12:46] koolhead17: you need to install php5 and php5-sqlite3 [12:46] Check you hit the bug. [12:46] then install your *sqlite*.deb, and see if the error goes away [12:46] Daviey: not right now, because it started to download gigs of images (presumably that's what it is) I killed the instance to avoid running up a bill [12:47] Daviey: cool. the two packages from the packages i built. using dpkg -l comamnd [12:48] dpkg -i ok doing it [12:48] rbasak: you should be able to install cobbler on it's own without that, no? [12:48] koolhead17: wait [12:48] k [12:48] yeah I tried cobbler on its own but the default configuration doesn't seem to work [12:48] koolhead17: I want you to proove the bug first, with packages from the archive [12:48] So I tried orchestra and that set it up sensibly [12:49] Then dpkg -i, to proove you have fixed t [12:49] it [12:49] Daviey: got it [12:52] Daviey: the package name is php5-sqlite :) [12:52] good stuff [12:53] morning === med_out is now known as medberry [13:08] Daviey: apache error log shows same warning as mentioned in bug. i will remove both package which i got from repo without deleting its deps and install the one i generated via pbuiled. i hope that is what is needed. :) [13:09] zul: morning o/ [13:09] koolhead17: hey :) [13:09] lynxman: this 4square is killer apps man!! tells everything :) [13:09] hello zul [13:10] koolhead17: lol :) [13:10] lynxman: werent you merging rabbitmq-server? [13:10] zul: it was done a couple weeks ago... [13:10] zul: I pumped straight up to 2.6.1 [13:10] lynxman: really? [13:10] zul: really [13:10] odd [13:10] zul: https://launchpad.net/~lynxman/+archive/ppa [13:10] zul: with all the standard plugins ( [13:11] zul: with all the standard plugins (+3 more for the landscape guys) [13:11] okie dokie [13:11] zul: and this supports HA replication, which is cool [13:13] lynxman: because precise has 2.5.0 and testing has 2.6.1 [13:14] zul: my 2.6.1 was before debian's, so might it help to just merge straight from debian (+ our very small delta) and then rebuild the plugins for precise? [13:14] zul: I need to push the plugins back to debian at some point as well [13:14] lynxman: thats what i was thinking [13:14] zul: will do that then, our delta is just a soft link [13:15] lynxman: if you are busy i can do it [13:15] zul: won't say no, I'm finishing this whitepaper... :) [13:15] lynxman: k [13:15] ill get to it next [13:15] zul: then rebuilding the plugins is just resending them to the enablement machines, they all work fine [13:15] zul: let me know if I can give any support [13:17] koolhead17: just dpkg -i *sqlite*.deb , then run php5, should be enough [13:17] you don't need to look at logs [13:18] ok [13:21] i am getting some lovely deps issue while installing the the source pkg php5-sqlite /0\ [13:21] Daviey: http://paste.ubuntu.com/718788/ [13:22]