TheEvilPhoenixin /etc/hosts, if I want to define 6 sites to point to, can i define the hostnames to bind to that address all on one line rather than have multiple lines containing   <host>   ?00:09
lynxmanTheEvilPhoenix: yeah, just write one hostname after the other separated by a space, should be good00:10
iggi_Hello, does anyone know how I can find out what is spawning a perl process? is there logs somewhere?00:41
xranbyiggi_: try pstree00:44
xranbyit can give you an indication on which process started the perl process00:44
=== Ursinha is now known as Ursinha-afk
qman__ps ax can give you the command used to invoke it00:46
uvirtbotNew bug: #882344 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/88234400:58
iggi_xranby, It only runs for a split second though01:33
iggi_same thing qman__, it runs for 1-2 seconds, enough to show up on top then dissapears01:34
iggi_the problem is I run a voice chat server on it, so it runs just enough to cause fragmentation01:34
xranbyiggi_: try raise the priority on your voice chat program01:43
=== Guest60473 is now known as medberry
xranbyiggi_: renice -n -1 -p chatserverprocessidhere01:44
iggi_xranby, It's already at -1901:46
iggi_still happens01:46
panfistif there is a network share in my fstab file that's unavailable when my server reboots, the server never finishes booting03:14
panfistmountall fails and it just stops the boot sequence03:14
panfistis it possible to get it to just skip mounting those drives and move on?03:15
twbadd noauto to the fstab?03:16
twbThis must have gotten worse in the latest release, because while *I* encountered in under lucid, nobody else complained until this week03:16
panfistthis is on lucid hah03:17
twbThere's also some bullshit undocumented additional option like "bootwait" but it wasn't working for me03:17
twbRTFS mountall I think it's mentioned in a C comment03:18
panfistnoauto would certainly work, but ideally i'd like it to try to mount, but not blow up if its unavailable03:19
twbGood luck with that03:21
uvirtbotNew bug: #882390 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration  cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/88239005:41
air_my ubuntu 11.10 is spamming the syslog with 'ntop[1238]:   **WARNING** packet truncated'05:50
air_It seems it doesn't matter, but anyone have an idea on how to disable the logging?05:50
air_it's logging when I stream a movie over NFS.05:51
twbair_: stop ntop, then?05:52
air_twb: oh. it's too early for me. why didn't I look into that right away.05:56
air_twb: thanks, I'll see if it's needed or if I can just shut it down.05:56
twbIt's not needed05:59
twbIt's a diagnostic tool05:59
twbProbably someone started it and forgot to stop it05:59
greppytwb: it can also be a network monitor06:00
_rubenntop usualy is meant to be running 24/7 .. collecting data over time and all that .. whether or not it is needed is up to the admin of the box ;)06:14
twb_ruben: oh, OK06:30
twbI assumed you only used it when there was a problem06:30
twbLike top06:30
twbFor long-term stats I would be using something rrd-flavoured like collectd, but whatever06:30
_rubenntop is rrd-flavoured06:31
twbI must be thinking of something entirely different then06:31
twbProbably iftop06:31
twbYeah, ntop isn't even ncurses based06:31
_rubenits web indeed06:32
twbweb is for little girls06:32
_rubenand managers06:32
twbSame thing06:32
twbThey are always coming around to my desk asking me to deploy invisible pink ponies06:32
_rubenhehe :)06:33
twbJust this very hour, they asked for wordpress06:33
twbAnd I said "no, you can keep using m4 and make.  httpd is not going to be running an embedded interpreter"06:34
Takyojiinvisible pink unicorn. :P06:34
twbTakyoji: it was a melange of that an "I want a pony"06:34
TakyojiNo fire-breathing pony? http://www.youtube.com/watch?v=lqhL-_86LOQ&t=3m32s :P06:36
twbNFI, I don't do idiot box06:37
RudyValenciaHow do I setup a local cache to install from (using a PXE server)?06:50
RudyValenciaer, a local apt cache06:50
twbdebmirror or apt-mirror06:51
RudyValenciabut then I have to download a whole repository06:51
twbBut installs only load the bootloader, kernel and ramdisk via PXE.  The rest comes from HTTP or similar.06:51
twbRudyValencia: no, debmirror at least allows you to mirror subsets of the repo06:51
RudyValenciaOh? I can just mirror enough of it to install the base client system over the network?06:51
twbShould be possible06:52
twbdebmirror --method rsync --host mirror.internode.on.net --arch amd64 --nosource --diff=none --host ftp.debian-ports.org --root debian --section main --dist unstable,unreleased --limit-priority='required|important|standard' --include=insserv /srv/apt/debian-ports06:53
twbThat only downloads 220MB, for example06:54
RudyValenciabut then I have to set up my HTTP server to serve those packages mirrored, don't I?06:54
twbYes, but that's trivial06:54
RudyValenciaThere was one I used to use called "approx"06:54
twbapt-get install busybox-static; busybox httpd -p 8080 -d /srv/apt06:54
twbapprox and other "caching" proxies are flaky crap06:54
twbI have had nothing but pain from them06:55
RudyValenciabut deb-mirror doesn't update the files with new versions, it's only a snapshot of the version in time06:55
twbI cannot comment on apt-cacher-ng -- I haven't tried that one06:55
twbRudyValencia: uh, just run debmirror again each morning06:55
RudyValenciaI could probably set up a vhost on my server pointing to the install CD06:55
twbIf you've already got a CD then don't bother with any of that06:56
twbJust export the CD06:56
RudyValencia(then all the client needs is an update)06:56
RudyValenciaOh, cp /path/to/cd/* /path/to/vhost/ubuntu ?06:56
RudyValenciawell, cp -a actually06:56
twbMore like mount /dev/sr0 /mnt/delete-me && busybox httpd -d /mnt/delete-me -p 808006:57
twbDon't see why you'd bother copying stuff06:57
RudyValenciaI don't want to always keep the CD in the drive because the server would boot off it and that would delay reboots06:57
RudyValenciaand I already have an HTTP server set up06:57
twbWell, whatever06:57
RudyValencia(this is my personal fileserver/test Web services server06:58
twbIt'll be a subdir of the CD tho, something like pool/06:58
twbAlthough last time I looked some of the newer CDs did silly things to save space, so you might not be able to do that anymore, they might not HAVE any .debs in their pool except for a couple of drivers06:58
twbserver CD is probably still OK, assuming you're doing minimal installs06:58
RudyValenciaI'm using the LTS version06:59
RudyValenciaand I am doing desktop installations07:00
twbNFI, then07:00
twbDesktop installs will need like 400MB of debs07:00
RudyValenciahm, is there a way to download that entire set of files07:01
twbAssuming you can afford the one-off up-front download, and the ongoing disk space consumption, debmirror is definitely the easiest way to do it IMO07:01
RudyValenciaI would rather store the files than have to redownload them on every install07:01
twbRudyValencia: well, there will be jigdo files somewhere that list what .deb and .udeb files are on the "alternate" CD07:01
RudyValencia(only downloading a "delta" to the latest versions)07:01
twbYou can't have that "delta" business07:02
twbapt archives aren't set up that way07:02
RudyValenciahm, I'll read up on apt-cacher-ng07:02
twbIIRC there is a script that you're supposed to use if you're an ISP and you want to be a direct mirror of cdimage.debian.org, and that might do deltas, but it's not actually maintained as a package in debian, so I've never looked07:03
RudyValenciaapt-cacher-ng might be a better, more serviceable replacement for approx07:03
twbBasically you'd need a smart client that can parse Packages and mv files then talk rsync to the upstream archive to --in-place get them07:03
twbAllegedly -ng is better than the other cachers, but just doing a partial mirror is more reliable07:04
RudyValenciawell, I was thinking of just using the server for the initial install, then dropping a sources.list that connects to an outside APT repository after first boot07:04
RudyValencia(preferably mirror.anl.gov in the US here as it has the best bandwidth07:05
RudyValenciaThat's what I meant by "delta"07:05
twbWhat I usually do is set up http://apt for the install and leave it as the default mirror, and use a mirror:// entry as a fallback in case the host moves offsite07:05
twbIt'll noisily, but automatically, fail over to the mirror07:05
RudyValenciaI keep copies of the ISO on hand07:06
jamespageDaviey: looking now07:25
lynxmanmorning o/07:46
jamespagemorning lynxman07:48
jamespagehow are you on this fine day?07:48
lynxmanjamespage: top of the morning ;)07:48
lynxmanjamespage: enjoying the sunny day, hehe :) you?07:48
jamespageI *need* to be in Orlando07:48
lynxmanjamespage: I reckon it'll be rainy next week :/ although I don't think it's the same kind of rainy07:48
jamespageI can do warm rainy07:49
jamespageits cold rainy that I don't like07:49
lynxmanjamespage: I'm okay with cold rainy, windy sideways rainy is a bit annoying though07:49
jamespagelynxman: have you tried out mcollective with the activemq packaging that landed last release?07:51
lynxmanjamespage: I'm on that today07:51
jamespagelynxman: good - I'm just looking at the FTBFS on the latest debian version07:51
lynxmanjamespage: :)07:52
jamespageA new version also landed in Debian unstable in the last couple of days07:52
lynxmanjamespage: interesting :)07:53
jamespagelynxman: any use for you - http://packages.debian.org/changelogs/pool/main/a/activemq/current/changelog ?07:53
lynxmanjamespage: the -4 is acually a good one07:55
lynxmanjamespage: need to do some heavy testing today though :)07:55
jamespageDaviey: that tomcat bug relates to a feature that is not in the version in Lucid07:58
Aisonquite bad :( after upgrading to oneiric my whole email system is down08:01
Aisonsomehow fetchmail is working, but I don't know if it's a problem of postfix08:01
Aisonit looks like the mails go to /var/spool/mail08:04
Aisonbut then not to the user maildir08:04
jamespageAison: could you provide a few more details about your email system?08:40
jamespagesomeone might have a similar setup and may be able to help08:40
Aisonok, I have got postfix installed with maildir in home Maildir/08:41
Aisonfetchmail fetches the mails and deliver them to postfix08:42
Aisonnow the problem is, that new mails suddenly go to /var/spool/mail  and /var/mail  instead to /home/[user]/Maildir08:42
Aisonpostconf shows that the config is right: home_mailbox = Maildir/08:44
=== stiv2k_ is now known as stiv2k
afuenteshi, im thinking about removing consolekit in all my servers... Can this do any damage? i noticed it tries to remove dbus as well. Is not used at all by the server?09:07
ersiafuentes: I don't think that is a good idea. If I'm not mistaken, consolekit is used pretty much at a lot of levels you quite possibly don't want to redesign09:24
afuentesersi can you give me an example?09:27
afuentesi read this "In short, the goal of ConsoleKit is to give elevated, but controlled, privileges to the person sitting at the physical computer."09:27
afuentesi dont know what i want that for09:27
afuentesi dont even admin these servers physically09:27
afuentesthey are virtual machines09:28
onrei don't have it installed on my virtual servers.09:28
ersiafuentes: Unfortunally not, I would of course do so if I could :)09:32
ersiafuentes: Well, hm - does look like you don't need it then.. seems that onre does without it09:32
afuentesonre do you have lot of servers?09:42
afuentesand services?09:42
afuentesjust to know how probable is to break something without it09:42
afuentesbecause it removes dbus as well09:43
lynxmanafuentes: I would not remove it, although if it really bothers you remove it and see if everything keeps working as you expect :)09:44
lynxmanafuentes: vamos, que pruebes y ya esta, hehe09:44
afuenteswell, it seems the process of console kit are always busy, and sometimes is mayor load i have on the servers09:45
afuentesi goggle a little about it, and i was not able to draw a conclusion09:45
afuentesbut it does not seem to do anything very useful09:45
ersiI'd suggest trying this in a test environment, so that you do not break any production services.09:47
ersiJust a friendly cautionary tip09:48
afuentesersi i already did it on test enviroment, nothing seems broken so far, but its hard to tell when you have so many services09:49
lynxmanhmm maybe also just kill ConsoleKit and see if something breaks, if not you don't really need it09:49
afuentesmaybe i should make an script that do that on every process and reboot the server when something die, just to clean up09:51
linociscowhere could I find ubuntu-server training videos for free rather than a few specific I found on youtube??10:05
sorenDaviey: Where is the packaging branch for openstack stuff for Oneiric?10:11
koolhead17hi all10:16
=== koolhead17 is now known as koolhead11
Davieysoren: for oneiric?  That has reverted to normal UDD, no?10:20
Davieysoren: lp:~openstack-ubuntu-packagers/nova/ubuntu is for essex.10:21
Davieyrbasak: How is cobbler looking?10:22
lynxmanDaviey: small question for you10:33
lynxmanDaviey: If I read this correctly10:33
lynxmanDaviey: ruby-stomp | libstomp-ruby1.8 (>= 1.1.5)10:33
lynxmanDaviey: means ruby-stomp OR libstomp-ruby1.8 right?10:33
lynxmanDaviey: if we sync from upstream (since we don't have ruby-stomp) this should be okay anyway right? Not enough reason for a merge I reckon10:33
Davieylynxman: If that is the only thing concerning you, i'd like to do a sync regardless to close the delta and then fix anything afterwards.10:36
lynxmanDaviey: talking about puppet here :)10:36
lynxmanDaviey: mcollective is next, that won't be that easy10:36
lynxmanDaviey: puppet 2.7.6 from sid10:36
Davieylynxman: kinda odd that ruby-stomp doesn't exist in Ubuntu, and libstomp-ruby1.8 is universe.10:38
lynxmanDaviey: a little bit innit10:40
jpds /sbin/init10:40
sorenDaviey: I don't know, that's why I'm asking :)10:40
Davieykill -9 010:40
sorenWhat's pid 0?10:41
lynxmansoren: the pid that cannot be divided :)10:41
sorenlynxman: I'm not sure that helps :)10:41
* patdk-lap wants pid -110:44
sorenDaviey: Ok, so just to clarify: lp:ubuntu/oneiric-proposed/nova is where we apply changes we want to eventually land in -proposed (and -updates, of course). And we use LP merge props to get changes on there?10:45
=== Ursinha-afk is now known as Ursinha
sorenpatdk-lap: Sorry, it's not for sale.10:49
Ursinhagood morning people10:49
Davieysoren: Yes, that is the plan.. If you want to UDD it.. The other option is to just upload to -proposed and let the package importer do it's thang10:51
Davieysoren: Ah10:52
Davieysoren: This is where UDD ucks.10:52
Davieysoren: In this instance you want to base on -updates.. as there was a security update which overwrote a verification-failed nova sru, which is currently tip of -proposed.10:52
* koolhead11 cannot access anything today :(10:54
koolhead11zul: hey10:54
sorenDaviey: That was actually why I wanted to know: So that I could reconcile those branches.10:55
lynxmankoolhead11: ello koolhead(11|17)10:56
koolhead11lynxman: hey there.10:56
uvirtbotNew bug: #882507 in puppet (main) "Sync puppet 2.7.6-1 (main) from Debian sid (main)" [Undecided,New] https://launchpad.net/bugs/88250710:56
lynxmanoh oh, I know that bug10:57
=== koolhead11 is now known as koolhead17
koolhead17hey Daviey11:00
Davieyhey koolhead1711:03
Davieysoren: Yeah, TBH, i think the easier way to do this is to just upload and let the package import do it's thang.11:03
DavieyUDD fail.11:04
sorenThis time it actually seems pretty easy.11:04
sorenI do remember these pains from earlier times, though.11:04
sorenIIRC, there's a flag we can set in debian/source that makes it so that the patches aren't applied, which makes it quite a bit easier to deal with 3.0 (quilt) format packages.11:05
sorenDaviey: Yeah, debian/source/options: --skip-patches11:06
Davieysoren: Yeah, i think that shoudl be system wide TBH11:06
sorenI'm not sure I agree, but meh.11:07
DavieyReviewing .pc's is awesome.11:07
sorenzul: Do you not use dch to add changelog entries?11:13
onreafuentes, tens of both.11:13
afuentesonre, whats both?11:14
koolhead17Daviey: am reopening https://bugs.launchpad.net/ubuntu/oneiric/+source/keystone/+bug/87828211:15
uvirtbotLaunchpad bug 878282 in keystone "keystone database connection error" [Medium,Fix committed]11:15
onretens of servers running tens of services :p consolekit is related to access to physical keyboard + mouse, so you really do not need it on virtual servers.11:15
koolhead17i have allready commented on the same. i don`t see it changed11:15
Davieykoolhead17: ugh11:18
Davieykoolhead17: Is this a fresh install?11:18
koolhead17Daviey: i just installed keystone few minutes back . yes11:19
koolhead17i even did an apt-get upgrade to see if something has changed/new added11:20
Davieykoolhead17: can you apt-cache policy keystone ?11:21
koolhead17Daviey: http://paste.ubuntu.com/720583/11:22
Davieykoolhead17: you aren't installing the proposed package :)11:23
Davieykoolhead17: https://wiki.ubuntu.com/Testing/EnableProposed11:24
koolhead17Daviey: oops. k11:25
uvirtbotNew bug: #878282 in keystone "keystone database connection error" [Medium,Fix committed] https://launchpad.net/bugs/87828211:26
Davieykoolhead17: I'd be kinda suprised if it didn't work, http://launchpadlibrarian.net/83391386/keystone_1.0~d4~20110909.1108-0ubuntu3_1.0~d4~20110909.1108-0ubuntu3.1.diff.gz11:28
znowive installed samba on my ubuntu server, but I cannot connect to it with a ftp program, ive set the samba.conf as shown in a tutorial, the ftp program says connection refused by server11:30
koolhead17Daviey: i see same old conf file.11:30
Davieykoolhead17: That is because you are not testing the -proposed package, but the package currently in the archive with the known isue11:31
Davieykoolhead17: the -proposed upload needs verification before it can be installed by everyone automagically.11:31
Davieyznow: erm, samba isn't an ftp server11:31
koolhead17Daviey: can you tell me what should i add in my apt-sources.list. to my horror am not able to open wiki.ubuntu.com. we have just moved to new floor with new VLAN and all stuff :(11:32
znowDaviey: oh yeah lol.... mixed it up... okay, what do I need to install to get ftp access to my server?11:32
koolhead17zul: good morning11:32
Davieykoolhead17: can you see pastebin?"11:35
Davieykoolhead17: http://pastebin.ubuntu.com/720589/11:35
Daviey!ftp | znow11:36
ubottuznow: FTP clients: Nautilus (Places -> Connect to server), gFTP, FileZilla (for !GNOME); Konqueror, Kasablanca, KFTPGrabber (for !KDE); FireFTP (for Firefox); ftp, lftp (for !cli) - See also !FTPd11:36
koolhead17yes. :)11:36
Daviey!ftpd | znow11:36
ubottuznow: FTP servers: ftpd, proftpd, pure-ftpd, twoftpd, vsftpd, MuddleFTPd, wzdftpd - Graphical front-ends: PureAdmin, GProftpd (for GNOME), KcmPureftpd (for !KDE) - See also !FTP11:36
Davieyubottu: you suck.11:36
znowDaviey: thank you11:36
Davieyznow: https://help.ubuntu.com/11.10/serverguide/C/ftp-server.html11:36
zulinteresting vsftpd is not in that list11:36
Daviey12:36 < ubottu> znow: FTP servers: ftpd, proftpd, pure-ftpd, twoftpd, *vsftpd*, MuddleFTPd,11:37
lynxmanzul: morning :)11:37
zuldoh...need more caffine11:37
lynxmanzul: go get it ;)11:37
SpamapS'morning chaps11:46
koolhead17morning SpamapS sir!! :)11:47
koolhead17Daviey: am closing it again. :( it  was my mistake :D11:48
Davieykoolhead17: don't change the status11:48
Davieyhey SpamapS11:48
koolhead17Daviey: ok. i left it to in progress. i will comment again and write that i checked it in proposed and it works. i hope that sloves it11:50
Davieykoolhead17: great11:50
koolhead17Daviey: as zul mentioned yesterday the admin port is changed to "35357" do you want me to file a bug for same and add patch for the same? Because i don`t see the same changed in proposed keystone package.11:55
Davieykoolhead17: it's not changed yet :/11:57
Davieyzul was kicking off a discussion with ~ubuntu-sru team to see if updating to final is ok.11:57
* koolhead17 rechecks it11:57
koolhead17Daviey: http://paste.ubuntu.com/720613/  i have proposed package installed now. :D12:02
Davieykoolhead17: great, now dodn't touch the damn status :)12:08
koolhead17Daviey: sir!! got it :P12:09
Davieyivoks: Do you fancy taking the logwatch merge?12:55
kirklandtjaalton: okay, i've triaged that bug, trying to figure out the best way to solve it12:55
tjaaltonkirkland: cool12:56
kirklandtjaalton: thanks for the logs12:56
kirklandtjaalton: i'll get you something you can test out shortly12:56
DavieySpamapS: looks like moin needs a merge?12:57
tjaaltonkirkland: great, thanks12:57
Davieysmoser: Are you merging nagios-plugins?13:02
SpamapSDaviey: yaaaay :-p13:06
zulDaviey: so we have a problem13:13
zulwith keystone13:13
zulthe final release added a new python dependency passlib which is not in the archive13:17
Davieyzul: awesome13:24
zulDaviey: so i dont know and dont think you can add new packages after the fact13:25
Davieyzul: I'm not aware of any SRU's which have introduced new packages, but i'm not sure it's really any different.13:28
zulme either but i dont think it has been done beore13:28
lynxmanzul: http://bit.ly/pa5ruL13:29
zullynxman: not really :)13:29
zulDaviey: so i think we might be stuck13:32
kirklandtjaalton: aha13:32
kirklandtjaalton: your preseed has your encrypted password13:33
kirklandtjaalton: not a cleartext one, right?13:33
kirklandOct 26 22:21:42 frontend: Adding [ID] -> [passwd/user-password-crypted]13:33
kirklandtjaalton: this means that ecryptfs does not have access to your cleartext password to wrap your generated mount passphrase13:33
zulDaviey: or we check to see how prevalent passlib and remove it13:33
Davieyzul: I can't believe keystone didn't declare this.13:33
tjaaltonkirkland: yes13:34
kirklandtjaalton: okay13:34
Davieyzul: or, cherrypick part of passlib that is required?13:34
* Daviey knows nothing abut passlib13:34
tjaaltonkirkland: was wondering how the preseeding could even work :)13:34
kirklandtjaalton: it's going to take a gnarly hack to work around this one :-)13:34
zulDaviey: yeah im not entirely surprised either13:34
kirklandtjaalton: i can explain it to you, if you're interested13:34
tjaaltonkirkland: hehe, give it a shot13:35
kirklandtjaalton: okay, so in all cases, a mount passphrase is randomly generated13:35
Davieyzul: ugh. it's not just one *.py.13:35
kirklandtjaalton: in some cases, we know the user's cleartext chosen password13:35
zulDaviey: yeah im looking at the git tree13:36
kirklandtjaalton: in those nice cases, we immediately wrap the random mount passphrase with the user's chosen passphrase13:36
sorenDaviey, zul: There's nothing technical that would block adding a new package in -updates. It's all a matter of policy.13:36
kirklandtjaalton: but in other cases, we don't know the random mount passphrase13:36
Davieysoren: I thought that is what i said? no?13:36
kirklandtjaalton: so what we do is write it to /dev/shm/.ecryptfs-XXXXXX13:36
zulsoren: right13:36
kirklandtjaalton: and chown it to the user, permed 400013:36
sorenDaviey: Was it? Maybe I missed that.13:36
kirklandtjaalton: make that 40013:36
sorenDaviey: Sorry.13:36
kirklandtjaalton: this is a temporary write of a cleartext passphrase13:37
Davieysoren: The fact that the SRU policy is currently poorly documented is the issue :)13:37
kirklandtjaalton: done to memory, so that it doesn't leak to disk13:37
kirklandtjaalton: and for a bit, unix DAC permissions are all that protects it13:37
kirklandtjaalton: when the user first logs in, pam_ecryptfs looks for an appropriate file there13:37
kirklandtjaalton: owned by the user, perm'd correctly13:37
kirklandtjaalton: and if found, we do the passphrase wrapping immediately13:38
kirklandtjaalton: /dev/shm doesn't persist across reboots, of course13:38
sorenDaviey: People adding dependencies to their code *way* past feature freeze is what the issue is.13:38
kirklandtjaalton: but we do have a safety net13:38
Davieysoren: yeah!13:38
kirklandtjaalton: we have a pair of ecryptfs upstart scripts, that copy those passphrase files from /dev/shm to /var/tmp and back to /dev/shm on boot and reboot13:38
Davieysoren: did you also see that the default port changed?13:38
zulsoren: agreed! i want people to burst into flames13:39
kirklandtjaalton: however, it doesn't look like that that upstart script is being run on installer shutdown13:39
kirklandtjaalton: and hence, your bug13:39
zulDaviey: https://github.com/openstack/keystone/commit/011005cdc67dd8176160b74152ba86308921da3f13:40
kirklandtjaalton: so, what i need to do is put that generated passphrase in /var/tmp if we're in the installer13:40
kirklandtjaalton: and then on first boot, the ecryptfs upstart job will pick it up13:40
tjaaltonkirkland: alrighty13:41
sorenDaviey: oh, ffs. No.13:41
zulDaviey: problem with backing out that code...i dont know what else would break13:41
kirklandtjaalton: does that make sense to you?13:41
Davieysoren: Yeah, between what we have in the archive and their late release, they switched the port.13:42
DavieyI feel dirty SRUing that TBH.13:42
Davieyho hum13:42
sorenDaviey: Change it back.13:42
Davieysoren: I dunno, either keep what we have in Oneiric already.. switch to the new port, or expose both.13:43
tjaaltonkirkland: guess so. there's the short window of some user getting the passphrase between ecryptfs setup and first login though, right? rather theoretical though13:44
kirklandtjaalton: not "some user", but rather a "root user"13:45
tjaaltonkirkland: right, exactly13:45
kirklandtjaalton: or a user with physical access to the system (can boot a recovery media)13:45
tjaaltonkirkland: that13:45
kirklandtjaalton: but yes, small window is correct13:45
zulDaviey: so what do you think?13:50
Davieyzul: try it, certainly a conversation starter :)13:51
Davieyzul: get it in Precise first13:51
zulDaviey: oh i just uploaded passlib about 20 minutes ago thats what prompted this13:52
Davieyzul: ah13:54
TheEvilPhoenixis there a command I can use to kill -9 all running processes of a specific user without having to enter a ton of PIDs?13:54
ivoksDaviey: sure; i'll take a look at it13:55
Davieyivoks: great13:55
lynxmanTheEvilPhoenix: ps aux | grep ^username | awk '{print $2}' | xargs kill -913:55
ivoksthat reminds me... ne to re-apply for motu13:55
zulDaviey: i just want to get a new keystone in precise first13:56
uvirtbotNew bug: #882579 in libvirt (main) "Some Commands return: "Timed out during operation: cannot acquire state change lock"" [Undecided,New] https://launchpad.net/bugs/88257914:01
uvirtbotNew bug: #882613 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration  cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/88261315:21
lynxmanzul: how do you feel today? Have space for another sync? :)15:28
=== guampa_ is now known as guampa
zullynxman: sure15:29
lynxmanzul: #882616 is ready then, if you feel like it :)15:29
kirklandtjaalton: okay, cool, i reproduced the problem here, and confirmed the fix, whoop :-)15:33
kirklandtjaalton: won't land in 11.10, unfortunately, as it would require an ISO respin15:33
kirklandtjaalton: could sru and help with net installs, i suppose15:33
kirklandtjaalton: up to you to drive that SRU, if you want it15:33
kirklandtjaalton: patch is a trivial, one-liner15:33
smoserDaviey, i did not touch nor was planning on touching nagios-plugins. do you need me to ?15:47
smoserDaviey, i sru'd a new binary package to lucid15:48
zulsmoser: so it can be done?15:49
smoserwell, new binary != new source15:49
smoseri pulled grub-legacy-ec2 back to lucid for booting pv-grub.15:49
zulsmoser: yeah im talking new binary and new source15:49
smoserback from maverick.15:49
Davieysmoser: Can i take great pleasure in telling you that you are wrong?15:50
Davieysmoser: I don't /need/ you to, but wanted to check if it was on your list - as touched-it-last?15:50
smoseri wasn't planning on it, but i'll do it.15:51
smosersince you were so nice about pointing out that i was wrong.15:51
Davieysmoser: I took no pleasure.15:52
zulsirens and everything15:53
* zul lunches15:53
scalability-junkhey I want to resize /var which is mounted at /dev/vg0 I already extended the lvm with lvextend and I'm not sure now how to extend /var ,without loosing data. any help?15:55
smoserDaviey, another opportunity to point out that I was wrong has presented itself very nicely to you on the openstack mailing list.15:59
smoseryou should revel in that.15:59
smoserthis doesn't happen very often.15:59
Davieysmoser: waaat?16:02
tjaaltonkirkland: thanks! no need to sru, I'll be soon testing precise anyway :) (and can hack around it in early_command etc)16:12
kirklandtjaalton: thx16:12
DrPoOHi, Im running 10.04 LTS and I always get a "System restart required" message when I log in, even after I restart. Any ideas as to where to start dealing with this issue?16:13
smoseri was wrong about keystone getting fixed in 11.10, Daviey16:20
smoseri even publicly admitted that i was the one who had led the kind fellow astray.16:21
koolhead17lynxman: wassup!!16:29
lynxmankoolhead17: wassuuuup16:29
koolhead17lynxman: hehe!! #glance glance16:31
lynxmankoolhead17: working in glance, having a bud? ;)16:32
scalability-junkmhh any idea on how to extend a ext4 partition on lvm? without loosing the data?16:33
scalability-junkI can't dismount /var cause it is in use16:33
koolhead17lynxman: :D16:35
koolhead17now i understood why CIO likes Websense so much.16:36
lynxmankoolhead17: hehe :)16:36
zulsmoser: dont worry we still love you16:52
smoserthats what i was trying to fix16:53
lynxmansmoser: you're trying to fix love? you fool16:54
koolhead17lynxman: Love is no bug which needs patch!!  //o.0\\17:08
lynxmankoolhead17: heh :)17:08
* koolhead17 leaves for home. laters!! 17:10
scalability-junkdamn I can't get my ext4 partition to extend. lvm is already extended with lvextend, but resize2fs isn't working as i hoped.17:52
kirklandDaviey: is there a uds session around orchestra-enlist?17:55
scalability-junkany ideas?17:58
kirklandDaviey: playing with cobbler-enlist-udeb, not currently working for me17:59
kirklandDaviey: any logs on the cobbler side?18:04
kirklandDaviey: the installer's syslog is complaining about the xmlrpc response18:04
hggdhkirkland: set COBBLER_ENLIST_DEBUG on the environment -- it should print a bit more of data18:17
Davieykirkland: it's either auth, or you are using a profile which doesn't exist, i would guess18:20
scalability-junkstrange when I try to use e2fsck and my partition is mountet it doesn'T work, cause it's not mounted. when I try it when it's not mounted, it tells me it doesn't work cause it's not mounted o018:22
Randolphhi all18:49
free99hello everyone, I'm running an apache/php webserver on 11.04... I need to run an action as root when a script is called (specifically, make a directory and then change its permissions)18:53
free99but I'm having a problem with sudo in the php script18:53
onrei would avoid doing that at all costs18:54
free99well, I tried to make it secure, I make sure the data is ok in php, and the only script that is run is an SUID that doesn't accept anything but the name of the directory (no slashes or any shellcode)18:55
ersifree99: That is, like onre just wrote, a huge security risk. Also, why can't you use PHPs mkdir()?18:55
free99I've added apache to sudoers.d to allow it to run only the specific command...18:55
ersiYou should disable exec() what so ever in PHP in my honest opinion :|18:56
free99you mean I can use php to chmod and all that jazz, even though it's got to be in a root-owned directory?18:56
ersiNo, you're F'ed in that regard18:59
ersiWhy does it have to be owned by root?18:59
free99it's an NFS directory, I don't allow peers to move around beyond their directory19:00
free99I know I could do it with a different user I guess19:00
free99or, I think it's possible, but I'm not sure19:00
ersiStill, why does it have to be owned by root?19:01
ersiDo you allow users to move around beyond their directory, if something is owned by root? :P19:01
free99well, they're home directories to be specific19:05
ersiWell, whatever you're trying to do - it sounds like a very bad idea security wise.19:09
free99well, it's pretty much an LDAP server, which I'm being forced to use as the NFS server as well, the administration is handled by a PHP ldap system, and I decided I would make the home directories for the users (populate with contents of skel, set ownership, etc)...19:11
free99and I had a sudo function within the php to handle that19:11
free99it worked fine for a while... but the server's been up for 30 days and suddenly it won't work... permission to chmod and everything is denied19:12
free99it can make a directory, as root oddle19:12
free99(sigh) what would be the right way to do this?19:14
free99what's weird is that if I sudo -u <username> -i, and then 'sudo' the command that I need, it works fine19:21
free99but if apache does it, access is denied19:21
free99oh, and <username> is the apache username19:22
uvirtbotNew bug: #882679 in swift "swift-container-sync does not exist" [High,Confirmed] https://launchpad.net/bugs/88267919:25
free99let's just keep it simple: why did sudo stop working??19:28
free99I ran visudo -c -s and everything checked out ok19:28
RoAkSoAxSpamapS: howdy!! if you have a chance, could you rush the orchestra SRU please?19:33
kirklandSpamapS: +1 :-)19:34
free99please give me a few pointers with my sudo issue... I've disabled "requiretty" and like I said, everything was working until the last couple of days19:38
genii-aroundbad_fetus: Nay19:39
free99aha! I thought I'd fixed this issue with apparmor a while back, but it (mysteriously) cropped up again19:40
free99that's odd19:40
adam_gkirkland: make sure you're using the correct api endpoint url, ie http://some_host/cobbler_api (not cobbler_web)19:48
SpamapSRoAkSoAx: ack, will look at it a bit later20:11
RoAkSoAxSpamapS: awesome, thanks ;)20:11
kirklandadam_g: well, i was just using the ISO feature20:29
adam_gkirkland: i haven't tried that yet, but you still need to point it to a cobbler server, no?20:30
kirklandadam_g: hmm, i just asks for the ip address20:30
kirklandadam_g: hopefully it's adding the right url bits around that?20:31
kirklandadam_g: i can test that20:31
Davieyzul: How is bug 879853?20:32
uvirtbotLaunchpad bug 879853 in munin "Munin upload 1.4.6-1ubuntu1 drops fixes / sponsor debdiff instead" [High,Triaged] https://launchpad.net/bugs/87985320:32
adam_gkirkland: ohhh. havent tried from ISO. at the command line you specify the full URL20:32
zulDaviey: will upload it tonight20:32
Davieykirkland: no, you need a ful url20:32
kirklandDaviey: oh -- that's it then20:32
adam_gkirkland: btw the cobbler-enlist blueprint i submitted got folded into cobbler next steps20:32
kirklandDaviey: that debconf question could be improved20:32
Davieykirkland: it's not safe to be aware if it should be cobbler_api | cobbler_web or even just / ... or :$PORT20:33
kirklandadam_g: cool -- url?20:33
Davieyadam_g: that might be split up again20:33
kirklandDaviey: it'd be nice *just* to give an IP20:33
Davieykirkland: yeah, aware oif that20:33
kirklandDaviey: and even nicer for orchestra to avahi-broadcast that it's out there :-)20:33
kirklandDaviey: a la UEC like20:33
Davieykirkland: Well yeah, did think about that - but the model is different for security20:34
adam_gkirkland: https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-cobbler-enlist20:34
DavieyShould orchestra server also publish the credentials over avahi?20:34
Daviey! :)20:34
kirklandDaviey: nah, just photos of your mom20:34
kirklandDaviey: silly head20:34
quentusrexAnyone know why dovecot is started by init and by an upstart job?20:35
quentusrexI keep seeing these lines in my syslog: Oct 27 13:33:50 raven kernel: [513878.916485] init: dovecot main process (21202) terminated with status 8920:39
RoAkSoAxDaviey: u getting saturday to orlando?20:42
RoAkSoAxjamespage: lynxman u guys too?20:42
DavieyRoAkSoAx: yah20:42
DavieyRoAkSoAx: saturday evening20:43
RoAkSoAxDaviey: im gonna be there too, i'm driving though20:43
jamespageRoAkSoAx: yep - me to20:43
DavieyRoAkSoAx: ah great, so we have a car for the week? :)20:43
RoAkSoAxDaviey: lol ;)20:43
RoAkSoAxDaviey: I'll be arriving ~8pm20:43
RoAkSoAxbut crashing with a friend for the night20:44
RoAkSoAxas I'm driving with a community memeber20:44
jamespageDaviey: where are you flying from?20:44
RoAkSoAxso just give me a shout20:44
RoAkSoAxif you guys wanna do soemthign20:44
DavieyRoAkSoAx: fancy a drive to Zephyrhills on Sunday? :)20:45
RoAkSoAxDaviey: could be.. what's in there?20:46
RoAkSoAxbesides the waterlol20:46
RoAkSoAxuhmm skydiving, that's what you wanna do Daviey ?20:47
DavieyRoAkSoAx: talk tomorrow20:47
Daviey<-- pub20:47
* RoAkSoAx lunch20:47
Randolphwrong chan21:04
talntidAnyone have any bash scripts to display HDD usage (percentage), load, uptime, etc, all in one? I know I can write it.. just curious if someone already has something close.21:18
patdk-lapmine shows all that info when I login, by default21:22
talntidyour right...21:30
talntidwonder if there is a command to repeat that... :)21:30
patdk-lapcheck in /etc/update-motd.d21:32
BilgeMy SSH server always terminates with error 25521:36
BilgeHow can I see why it is dying?21:36
TakyojiSomewhere in /var/log21:38
TakyojiI'm not sure which log file though; I don't know if it writes to /var/log/error.log21:42
TakyojiErm whoops, that doesn't exist. xP21:42
BilgeNo such file21:42
=== skrewler_ is now known as skrewler
TakyojiNot sure if it would be reporting it's own errors to /var/log/auth.log21:45
TakyojiI can't find really anything else explicitly stated of where it logs to21:45
kirklandtalntid: it's landscape-sysinfo21:47
Takyojiotherwise it's /var/log/syslog21:47
Takyojifor errors from the SSH daemon21:47

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!